Security specialists are fond of using expressions like "robust protection" and "multi-layered defenses" when it comes to setting out their stall and telling us exactly how they are able to protect our data and applications. Looking closer at enterprise security, we see that lower down the buzzword pecking order for some reason is the word "insight" in its various forms.

It seems insight means more than one thing in information technology these days, but perhaps it's no coincidence that every meaning or interpretation of the term essentially falls somewhere under the umbrella of enterprise security.

• Insight means "application visibility" -- and the need for a clear picture of enterprise software form, function and therefore stability.
• Insight means "staff and stakeholder" control - and the ability to stipulate policy throughout the enterprise on access controls and privileges.
• Insight means "customer insight" - into the way companies and individuals (and often partners) will interface with a firm's delivery channels (electronic and traditional) as they consume goods and services.
• Today, insight also means "cloud knowledge" - and the ability to detail exactly where our data is housed in a multi-tenant cloud.

We could continue this stream of thought and start talking about insight into mobile device usage patterns, insight into security risks arising from users and their unmanaged actions and insight into the malicious intentions that drive hackers, spammers and phishing scammers as they try to perpetrate our organizations' protective structures.

At the risk of turning this discussion into an analysis of the English language, the noun insight is typically defined as something like: the action uncovering the true nature of a thing, perhaps through intuitive understanding with "penetrating mental vision or discernment"; leading us to a point at which we can see inner character and/or underlying truth.

What this breaks down to is a realization that enterprise security insight may be something that we already know, but that we have (for some reason or other) failed to understand. For example, a firm's greatest risk to its security often comes from within, i.e., its own employee base. Not that employees need to be harboring malicious intent per se, they may just be uninformed and not able to realize how dangerous it could be to plug an infected smartphone into an office desktop machine.

In the Dark
If they didn't have insight, the company didn't have insight into their actions and neither party (initially at least) has insight into the ramifications resulting from these actions until they are fully played out in what may be a damaging series of consequences.

Unfortunately there is no formula or handy algorithmic function for deducing "insight" as a hard and fast business variable. This is where security intelligence and risk assessment come to the fore. With the ability to assess our data risk at any given time, we can then start to plan for a) appropriate actions in the face of a security breach b) the re-location of our most sensitive data and applications to more accurately defined and controlled environments where risk is lower and c) greater business agility from that knowledge-empowered point forward.

Insight Is Everything
Only by maximizing insight are we able to able to truly gain value from operational security measures. Without insight, security is just a brick wall, i.e., we don't know how much it is keeping safe and we don't know how much it is keeping out.

If you have been reading this and you agree with some of the principles discussed, yet you think that we have already over-used the word insight in our general discussion of information technology on the web; then try ‘comprehension' or ‘discernment' or ‘perception' - they all come to the same thing.

Now then, tell us, was that insightful?

• • •

This post was first published on the Enterprise CIO Forum