ARTICLES

SMARTER SOLUTIONS NECESSARY TO FIGHT SMARTER THREATS

“Cybersecurity” has historically been a broad and nebulous topic. Covering everything from access control to firewalls, and everything in between, cybersecurity has always been hard for business leaders to come to grips with because of its many moving parts.

It’s time to start changing the naming conventions, because what we are essentially focusing on (or should be), is the protection of data. We need to start focusing on how organisations use data, and how they protect it, rather than just focusing on the tools that are supposed to keep our companies safe.

For years, businesses perceived themselves to be safe behind the company firewalls and the other infrastructure they had in place. With the massive changes we have seen in the way of working as a result of the Covid-19 pandemic – a change that has been coming for some time now as more companies started exploring remote work – the perception of the perimeter has changed. At the same time, the attack surface has changed.

Staff are no longer sitting behind huge firewalls and infrastructure deployments. They are now working from home without the benefit of those tools to keep them, and the organisation, safe. ISPs offer a basic levels of information security, but companies of all sizes are having to figure out how to add layers of protection in this distributed work environment.

With the sprawl of the organisational network, the target has become easier. That’s not to say it wasn’t always easy. That’s where education and awareness come in, and why a lot of organisations started practicing education and awareness over the past few years, because, essentially, they were trying to create human firewalls.

What has become clear is that how companies look at risk has to change. We already know that once an organisation has been breached, that piece of software or malware has been in the organisation’s system for more than 200. Until now, our approach has been to find the problem, and to try and fix the problem. Essentially, we have been throwing more technologies and controls at the problem to try and prevent the attack from happening in the first place.

The risk cultures of organisations need to change. We need to stop throwing point strategies at the solution. We need to manage, consolidate and make better sense of our data, and we need to start coming up with intuitive, intelligent strategies. If there’s one thing we should have learned, it’s that we can’t continue to bring more technology to the problem and hope for a solution. We need to find better way of doing this.

We’re so busy trying to plug holes, we often forget why we’re plugging those holes. We need to change our strategy on the technologies we are using, and how we arm our people to help us fight the millions of threats that we face on a daily basis. Essentially, this is a software issue, so how do we try and fight software that is growing exponentially with people? We have to start employing the right technologies, doing the right thing to protect us at the right time, while still empowering our people to be part of the overall security apparatus of the organisation.

Everything should start with governance and policy. Policies must be reviewed in light of a better understanding of people, of how we are doing business, and how we are communicating. We can’t rely only on people, or only on technology, to protect the organisation. We have to have the right combination of the right technologies and the right policies to make it work. This shouldn’t be as difficult as we’re making it out to be.

We have to look at information protection from a risk, network, architecture, and data perspective. The human element is just as important, because validation and verification are critical in the fight against bad actors. We can’t bring the business to its to knees because an application looks like it’s a phishing attack or acts like ransomware, so human intelligence is as important as artificial intelligence (AI) in the fight against the threats out there.

In fact, the combination of the two is the key to providing intuitive solutions that can help companies stay ahead of cyber criminals. AI must become part and parcel of what we are doing because we simply can’t continue on the same path we have been on.

We can’t expect cyber security leaders to save 30% on their information security budget when the threat is increasing tenfold, and yet, that is what business is demanding. Add to that the fact that the remote working paradigm has made investments into traditional perimeter technologies null and void, and we can see that people and technology need to work together in new ways to understand the organisation, what it does on a regular basis, and how to marry this to protect the company’s data.

Those companies not asking their vendors how they enable this are doing themselves an injustice, as smarter solutions are needed to fight against smarter threats. Future success will rest on the ability of companies to rely on microservices strategies, rather than huge investments into traditional technologies. It will rely on using the best technology for a reasonable cost, as long as it is intuitive and intelligent. It will rely on embracing change.

to connect with our expert 

Jayson O'Reilly