Last updated on November 27, 2017
Cyber threats are evolving and so must your defences
A guest post by Mike Bainbridge
Digital transformation is not a new subject. Technology driven evolution of business to develop more efficient ways of interacting with customers and produce products is fuelling business change. As organisations transform, security must be an integral part of the process. Using cloud, mobile apps and allowing employees to use a number of devices means the threat footprint is larger than before. Gone are the days when you could configure a network perimeter firewall and the job was done. As our world becomes virtual and varied, the way we protect ourselves is changing too. However, don’t be fooled into thinking that security is lagging behind. Technology is transforming the SecOps (security operations) industry too. There are a growing number of innovative products and services to help fill the gap and keep you one step ahead.
So, how do you start building your defences? The critical resource to focus on is data. The first step is to understand what data you have which might be valuable to a hacker. Business data has become a commodity, so anything which could have a resale value is a target. This might be intellectual property or valuable customer data. Someone trying to defame a company can request a ransom or threaten to make a hack public. The loss of confidence and brand impact are harder to measure in terms of cost, but as we’ve witnessed from some high-profile security breaches in the last few years, they can have a serious impact. Changing your mind-set and thinking like the hackers is how many modern security experts start planning a defensive strategy. Understanding how you archive, store and protect your data is a vital first step. New regulations are on the way (see GDPR) which make an information audit necessary, so taking this first step will save you effort later down the road.
Potential attackers can come from any corner of the globe. This mobile and active threat is agile, smart and will use any trick or tactic to compromise an exploit. However, there is some good news. Just as corporate data is now the target, it can be used to combat the threat. Smart Security Operations Centres (SOC) are being built and in order to be more effective, they are sharing knowledge with each other. Data on threats, bad actors, exploits and vulnerabilities is available and constantly changing. This network of intelligence means the time taken to identify and isolate a threat is decreasing. Investment in AI and machine learning means that data can be analysed from a wider range of sources and with greater accuracy. As the attackers are getting smarter, so are the defences which can be deployed against them.
As has always been the case, the weakest link is usually the human one. Trusting your employees with access to company networks means they are susceptible to targeted attacks. The need to remember passwords and change them regularly means an inherent and well documented weakness. What is easy for us to remember is typically easy to crack. This is where a smarter approach will soon start to replace the typical challenge/response we are used to. By scoring the risk profile of access to an application or service, authentication services can learn our habits and make the process seamless. For example, if you are trying to access your email account, from your work laptop, while plugged into the office network at your desk, the chances are low that this is someone who is trying to steal data. The risk profile would be scored as low risk and you’d be granted access to the application as normal. However, if you are on an unknown remote network, using a new device and trying to access the accounting software which isn’t part of your job role, this would be scored as high risk. You might then have to supply a biometric (fingerprint or facial scan) confirmation or perhaps be required to use a two-factor response. This intelligent method of authentication aims to make the user experience better, while still ensuring a high-level of security is maintained.
This new approach to problem solving and delivering a seamless end user experience is at the heart of many new security innovations. Just as disruptions in retail, customer service, logistics, medicine and transport are changing our lives, in the background the technology on which these transformations are taking place is protected in a new and exciting way. This is not to say you can take it for granted it is still certainly a worthwhile investment having an internal security capability. The popularity of the CISO (Chief Information Security Officer) to the executive of many large companies highlights how important cyber security has become. There is a common quote which states that if a hacker is determined to steal your data then you can’t stop them. I don’t believe this is true. With the right approach and a forward-thinking mentality, security doesn’t have to cripple a company with policy and complex processes. You don’t have to make life harder for the user. By applying common sense, it is possible to build a strategy which can evolve as a company transforms. Technology is enabling us to work with customers in so many exciting ways if we think in the same terms when securing our data, then security doesn’t have to be a constraint.
–
Mike Bainbridge is a technology evangelist demystifying the complex world of digital technology partners, cloud platforms and industry trends. He helps businesses realise their digital potential and become more successful online.