From mammoth corporate giants Sony and Target to local pubs chains like JD Wetherspoons, cyber attacks have become prolific enough to mislead you into believing we’re fighting a losing battle. But before you wave your white flag, admit defeat and allow digital anarchy to run its course, it’s important to realize that our current approach to cybersecurity is outdated and ill-equipped for the modern threat landscape. Instead of focusing on technology and sophisticated solutions to outsmart cybercriminals, what we need is a new way of thinking about cybersecurity.
There is no such thing as perfect security. As part one and part two of this trilogy highlighted, cyber attacks will continue to penetrate all security mechanisms. There is no stopping this. After all, the Internet has created the perfect environment where malicious cyber activity can thrive anonymously and unabatedly. We need to stop fighting this, and understand that the traditional tried-and-trusted approach to security has no place on this playing field. Part of the paradigm shift that needs to take place is an understanding that cybersecurity cannot be fixed on a technical level alone.
This final part of the trilogy will explore the way forward for the industry. While the reality may seem dismal and at times even a little apocalyptic, this part of the trilogy aims to demonstrate that there’s always light at the end of the tunnel. It is, however, important to understand that this ‘light’ comes at a price both in terms of resources and productivity. Companies rethinking their approach to security need to keep this in mind, and should be prepared to weigh the costs involved before implementing a new security strategy.
Rule #1 - If it ain’t broke … fix it anyway!
This is a cyber war, and we need to be battle-ready. Which means there’s no waiting for the next security breach to fix or improve things. Ideally, security experts should be on the lookout for innovative, cutting-edge solutions. Instead most rely on hackneyed strategies and wonder why this outdated approach to cybersecurity fails to protect them.
A traditional approach to cybersecurity consists of three distinct phases. These include prevention, detection and response. Each phase has its own unique set of activities and strategies to move the process to the next phase. Sounds simple and logical enough, right?
The downside to such an approach is that it fails to take into account the fact that there is no such thing as ultimate prevention. This becomes particularly problematic when you consider that most companies invest the majority of their security resources in acquiring and deploying prevention technology in the hope that this will ward off attacks. Because let’s face it firewalls only go so far, and increasingly that isn’t far enough. While prevention has its place, it cannot be a company’s main line of defense.
Most organizations view cybersecurity as something which is siloed and reactive. This is an ineffective approach to security which places an emphasis on prevention, and means that an organization is left waiting for an attack. Instead, organizations should take a proactive approach which involves predicting and pre-empting attacks. In this way, organizations will be better equipped to respond to the ever-growing number of cyber threats they face on a daily basis.
Where many businesses go wrong is that they invest heavily in technology. This is often why their security capabilities are unable to go beyond basic prevention. Instead, it’s important to invest in educating staff and security personnel, as well as focusing on developing more mature security processes. By combining security awareness, process and relevant technologies organizations will be better placed to detect and respond to a range of threats in real-time.
Rule #2 - Securing the perimeter won’t keep the baddies out
What we really need is security which goes beyond the perimeter. This is a far more sophisticated approach to cyber defense which understands that even the slightest vulnerability serves as a window of opportunity to a hacker. This includes everything from a company’s blog and social media channels to their corporate website.
Social media threats are becoming a growing concern for many enterprises, and yet most cybersecurity strategies tend to overlook this. Earlier this year the Twitter profiles of Newsweek, International Business Times and the U.S. Central Command were hacked. The public nature of these attacks make them particularly appealing to hackers looking to publicly shame a company or organization.
While these social media attacks are a sign of the times they’re also a painful wake up call, and a reminder that we need to adopt smarter security measures. In fact a survey of 277 UK business executives suggests that over 50% are concerned about the risks posed by social media to their security, and yet 38% of these respondents don’t have a proper cybersecurity strategy in place to deal with this. But it’s not just social media which is leaving businesses vulnerable to cyber attacks.
The times are changing, and cybersecurity policies need to keep up. It was once sufficient to focus simply on keeping the the bad guys out. This was enough to give you the peace of mind that your network and data are safe. But this is no longer the case. What many fail to realize is that 55% of attacks are carried out by malicious insiders or employees who are tricked into violating a company’s security through phishing or a social engineering scam. This is why we can no longer afford to focus on prevention, detection and response alone. Instead what we need is a far more nuanced security policy capable of navigating the intricacies of the modern threat landscape.
Rule #3 - Cybersecurity isn’t broken. It’s our approach that needs fixing
We can do much more to outsmart and lessen the blow of cyber attacks. This starts by implementing a proactive and collaborative cybersecurity approach which provides protection beyond the perimeter. To achieve this it’s important to rethink the typical protection-detection-response process. It starts by re-thinking what it means to prevent a security breach. In this extended cybersecurity model, our approach relies on combining technology, people and processes. None of these individually can combat cyber criminals.
Cybersecurity will continue to evolve and adapt to the many threats we’re facing. This is a cyber war after all, and much to the dismay of many security experts, it will be a long and drawn out one. We need to accept that and embrace the fact cybercriminals aren’t going anywhere anytime soon. So make yourself comfortable. You're in for a long, bumpy ride.
The good news is that while not foolproof, investing in cybersecurity beyond the perimeter makes it easier to prevent and minimize the damage caused by a data breach. And more than simply providing peace of mind, such a approach to security will ensure you’re battle-ready for whatever an intruder may throw your way. It puts real-time intelligence at your fingertips and, if used correctly, is more powerful than any perimeter.