Demetrios Lazarikos, IT Security Strategist & Thought Leader, discussed the evolution of security and the latest trends with theCUBE co-hosts Jeff Kelly and Dave Vellante, live from this year’s Slunk .conf.

“I grew up on the computer,” Lazarikos, who had his first computer at age 12, said. He has worked in the US Air Force and then the private sector, focusing on privacy and security. Talking about the views of his early career, Lazarikos commented, “a lot of companies didn’t take security seriously back then.” It was all about a checklist, part of the standards. “PCI changed that, people started to take security seriously.” Starting with the government, then the financial institutions, security started to expand, becoming more powerful.

Asked how security threats had grown and changed in the last 10 years, Lazarikos said that “organizations want to go out, they want to communicate with the cloud, they want to communicate more with third parties. I think there is a way to do that, but you have to understand how you communicate through sessions.”

Other challenges that are relatively new are related to  the fact that “traditional security tools are being bypassed by cybercriminals. Behavior analytics becomes so much more important at that level, and opens the door for Big Data,” he explained, which allows security experts to tie together all the pieces and parts of the applications, infrastructure, mobile devices, and help determine good/bad behavior.

“The criminals are actually organized now, better, they communicate the same way that businesses do, online, tweets, chat, etc, they are progressing on ways to attack businesses, we as professionals have to do the same thing,” Lazarikos noted.

Vellante then pointed out that, on average, it took 415 days for an intrusion to be detected. Lazarikos said that while the statistic is high, it’s an accurate one. He explained that number of days might actually be lower than the real average, as not everyone reports such incidents properly and there are intrusions that have not been discovered yet.

Security has to be “driven from the board”

“Security has to be driven from the board of directors and from the C-level down,” Lazarikos stated. Organizations have to realize they are a target. At the board level, the typical response is “I am not a target.” Executives have to understand the risk, while “security professionals are starting to move to a risk based approach to security.” Educating the board, C-level, and taking the risk based approach are the steps to take, he explained.

“Splunk has a wonderful tool and it’s open. It will help companies extend on a data strategy. We’re seeing a lot more vendors in the mobile space,” Lazarikos said.

Asked if security experts needed more data analytics skills today, he said that, “if you look back, network and operating system security is where people thought of security professionals. As the spectrum grows, we are taking mobile, social, Big Data, it is really challenging for the security professional to keep in touch with all the security threats.” Thus he advises to “pick a place, learn several areas, but then collaborate with other security practitioners and see what’s happening.”

Asked to pick the one action item he’d recommend to C-levels, Lazarikos said it would be to “perform a risk assessment on all their IT assets right now. Do a formal risk analysis of your environment before you invest in security.”