
What’s an adaptive security architecture and why do you need it?

Mike Banic, VP of Marketing
February 2, 2017

As long as I can recall, enterprises have always relied on prevention and policy-based controls for security, deploying products such as antivirus software, IDS/IPS and firewalls.

But as we now know, and as industry research firms have stated, they aren't enough to adequately deal with today's threat environment, which is flooded by a dizzying array of advanced and targeted attacks.

In an effort to provide some solid direction, Gartner has advised information security architects to do the following:

  • Shift your security mindset from “incident response” to “continuous response” by assuming that your systems are compromised and require continuous monitoring and remediation; and
  • Adopt an adaptive security architecture to protect against advanced threats using Gartner’s 12 critical capabilities as the framework.[1]

Components of an adaptive security architecture

The adaptive security architecture that Gartner refers to provides continuous, pervasive monitoring and visibility. “To enable a truly adaptive and risk-based response to advanced threats, the core of a next-generation security protection process will be continuous, pervasive monitoring and visibility that are constantly analyzed for indications of compromise.”

“Enterprise monitoring should be pervasive and encompass as many layers of the IT stack as possible, including network activity, endpoints, system interactions, application transactions and user activity monitoring.”

“Improved prevention, detection, response and prediction capabilities are all needed to deal with all types of attacks, 'advanced' or not.[1] Furthermore, these should not be viewed as siloed capabilities; rather, they should work intelligently together as an integrated, adaptive system to constitute a complete protection process for advanced threats.”

Because no single product can provide a complete security solution, vendors should partner with each other to deliver a comprehensive, interoperable solution to customers.

Functionality and processes that fall under the prevention category should reduce the attack surface by blocking known threats before they impact the enterprise.

Designed to find attacks that sneak past prevention security, good detection should reduce the dwell time of threats as well as any possible damage from them.

Response capabilities are needed to investigate and remediate security issues that are discovered, including forensic analysis, root cause analysis and recommending preventive measures to avoid future incidents.

Finally, predictive technology should incorporate information gleaned by the cybersecurity community in response to real-world events as well as anticipated threats.

Where do you go from here?

Operationally, you’ll be better off with integrated solutions that deliver an adaptive security architecture.

Use the research note Designing an Adaptive Security Architecture for Protection from Advanced Attacks[1] to evaluate your existing investments and competencies and determine where the gaps are. Also use this architecture to evaluate new vendors and solutions.

Insist on having continuous, pervasive monitoring and visibility of your entire network and ensuring that collected data is analyzed constantly for indications of compromise.

Also be sure that your security infrastructure supports integration with robust threat response solutions to ensure that host devices are quarantined, malicious processes are shut down, and other measures automatically occur to secure the enterprise.
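The four capabilities above are easiest to understand as one loop rather than four products. The following is an added example written for this page, not Vectra's or Gartner's code: a toy run of the loop over constructed flow records. Prevention drops traffic to destinations already on a blocklist (which could be seeded from community threat intelligence, the "prediction" input), detection flags hosts whose outbound connections to one destination recur at suspiciously regular intervals (a common command-and-control beaconing indicator), and response both quarantines the host and feeds the destination back into the blocklist so the next cycle prevents it. The host names, addresses, thresholds and action names are all assumptions made for the illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample flow records, not real traffic:
# (epoch seconds, source host, destination IP, bytes sent).
# ws-17 talks to 203.0.113.9 roughly every 60 seconds; everything else is irregular.
FLOWS = [
    (0, "ws-17", "203.0.113.9", 412), (61, "ws-17", "203.0.113.9", 415),
    (119, "ws-17", "203.0.113.9", 410), (180, "ws-17", "203.0.113.9", 418),
    (242, "ws-17", "203.0.113.9", 411), (299, "ws-17", "203.0.113.9", 414),
    (30, "ws-17", "198.51.100.5", 8100), (400, "ws-17", "198.51.100.5", 9030),
    (0, "ws-22", "198.51.100.5", 5120), (15, "ws-22", "198.51.100.5", 760),
    (200, "ws-22", "198.51.100.5", 2200), (210, "ws-22", "198.51.100.5", 640),
    (900, "ws-22", "198.51.100.5", 3300), (905, "ws-22", "198.51.100.5", 820),
]


def prevent(flows, blocklist):
    """Prevention layer: drop flows to destinations already known to be bad."""
    return [f for f in flows if f[2] not in blocklist]


def detect_beacons(flows, min_hits=5, max_jitter=0.2):
    """Detection layer: flag (src, dst) pairs whose connection gaps are too regular.

    Regularity is measured as the coefficient of variation of the inter-connection
    gaps (population std dev / mean); human-driven traffic is bursty and scores high,
    a scheduled beacon scores near zero. Thresholds are assumed values for this example.
    """
    by_pair = defaultdict(list)
    for ts, src, dst, _ in flows:
        by_pair[(src, dst)].append(ts)

    findings = []
    for (src, dst), times in by_pair.items():
        if len(times) < min_hits:
            continue  # not enough observations to judge periodicity
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        period = mean(gaps)
        if period <= 0:
            continue
        jitter = pstdev(gaps) / period
        if jitter <= max_jitter:
            findings.append({
                "src": src, "dst": dst, "hits": len(times),
                "period_s": round(period), "jitter": round(jitter, 3),
            })
    return findings


def plan_response(findings, blocklist):
    """Response layer: contain the host and feed the destination back to prevention.

    Action names are hypothetical; a real deployment would map them onto the
    quarantine / blocking APIs of the firewall, NAC or EDR it integrates with.
    """
    actions = []
    for f in findings:
        actions.append(("quarantine_host", f["src"]))
        if f["dst"] not in blocklist:
            blocklist.add(f["dst"])  # adaptive step: detection improves prevention
            actions.append(("block_destination", f["dst"]))
    return actions


def run_cycle(flows, blocklist):
    """One pass of the prevent -> detect -> respond loop; blocklist is updated in place."""
    allowed = prevent(flows, blocklist)
    findings = detect_beacons(allowed)
    actions = plan_response(findings, blocklist)
    return findings, actions


if __name__ == "__main__":
    known_bad = set()  # could be seeded from threat intelligence feeds
    first = run_cycle(FLOWS, known_bad)
    print("cycle 1:", first)   # one beaconing finding, two response actions
    second = run_cycle(FLOWS, known_bad)
    print("cycle 2:", second)  # nothing: prevention now drops the flows up front
```

Running it twice over the same records is the point: the first cycle detects and responds, the second shows that the loop has shifted the same attack from the detection column into the prevention column, which is what "reducing dwell time" looks like in practice.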

By following these critical steps, your cybersecurity team can save an extraordinary amount of time and effort and they will be empowered to take prompt, decisive action before cyber attacks lead to data loss or damage.

How Vectra enables the implementation of an adaptive security architecture

For step-by-step information on how Vectra addresses the need for an adaptive security architecture, download this free compliance brief.

[1] “Designing an Adaptive Security Architecture for Protection from Advanced Attacks,” Neil MacDonald and Peter Firstbrook, Gartner, 12 February 2014, refreshed 28 January 2016, ID G00259490.

About the author

Mike Banic

Mike Banic is the vice president of marketing at Vectra. Previously, he was vice president of global marketing for networking at Hewlett-Packard. Mike joined HP from Juniper Networks where he held the roles of VP of enterprise marketing and VP of marketing for Ethernet switching. Mike joined Juniper through the acquisition of Peribit Networks where he was VP of corporate marketing. Mike has held product marketing and product management roles at Trapeze Networks, Rhapsody Networks and Extreme Networks. He started his career as a system engineer at Artel Communications. Mike holds a BSEE from Worcester Polytechnic Institute in Massachusetts and previously served on the board of the Ronald McDonald House at Stanford.
