With each passing hack, data breach, insider threat, exposure of personally identifiable information (PII), or other similar security slip, IT teams around the world are collectively holding their breath, waiting for that one inevitable question from their superiors: “If it were our company, could you stop an attack?”
The conversation usually goes one of two ways from there. The teams may answer with a mumbled “Probably not,” shielding themselves from the potential onslaught that might come with that admission. But they also could answer with an emphatic “Definitely not, and here’s why,” before going down the well-traveled path regarding the cost, complexity and lack of resources that they feel are stopping them from more effectively doing their jobs.
The third, and more valid, response is that regardless of resources, no one can really stop a hack in its tracks. Some companies blame this on their more limited security spending. However, even those businesses with massive budgets and top-of-the-line technology may find themselves on the wrong end of a breach simply due to the popular but ineffective security perspective that puts too much emphasis on keeping hackers out, and not enough on protecting data from within the infrastructure. The question isn’t really how to stop a hack, but instead how to take those attacks off the table from the start. Businesses that focus exclusively on building a 10-foot wall to ensure hackers stay on the outside run the risk of learning that an experienced data thief can easily find a 12-foot ladder. How can businesses today gain a better understanding of the modern security ecosystem in which we all live and the viable options for protecting their data before an attack begins? Far too many businesses are still using inadequate solutions that don’t properly combat the current threats, leaving IT teams befuddled as to the best approach for the risks ahead. Security teams need to be placing a priority on establishing a holistic approach that incorporates both perimeter and internal defenses. The right resources are there, but few companies are putting them to the proper use.
Here are five hard realities regarding data security protection that today’s tech execs are increasingly reluctant to discuss.
Most systems can’t offer preventative insight into attacks.
Hindsight is 20/20, but even when looking back over a past attack, there may not be a clear answer to the question, “What could we have done differently?” That’s because many security solutions today don’t provide any sort of visibility into how an attack occurred in the near term after the fact, and they aren’t capable of identifying root causes without a massive undertaking of resources and manpower, which usually takes months or even years. Securing data is no easy task; for those companies operating on traditional systems, the only way to confidently keep data protected is by turning their systems off entirely. Since that’s rarely an option, IT teams instead need to rely on a balanced blend of data governance, monitoring and discovery before a hack even begins.
Most traditional cybersecurity solutions match, rather than counteract, hacker strategies.
No one can predict or assume the timing of an attack or its severity, but most businesses can do better in terms of implementing strategies that allow them to be more sensitive to intrusions. Most security solutions crawl through systems and data, moving from the top down through the most vulnerable regions, but this isn’t effective against sophisticated attacks. Hackers primarily use a “back door” approach that involves exploiting vulnerabilities like unused accounts to gain access as an authorized user and install malware to steal valuable information. Top-down security solutions can’t protect against this approach. Such intrusions are only detected through careful monitoring of the system and consistent review of the network’s event logs. Today’s businesses would be better off starting at the bottom of the stack to secure the data at its source, protecting from the inside out, rather than securing the perimeter and hoping that’s enough.
It’s impossible to identify who’s at fault for compromised information.
Who’s the culprit when your data is breached? It’s everyone, and it’s no one. Any employee has the potential to qualify as a threat or be the victim of a carefully planned attack to steal his credentials. Sometimes there are disgruntled personnel involved or intentionally malicious individuals, but just as often, an “insider threat” could turn out to be no more than something as innocent as someone mistakenly saving a file in the wrong location. Intent is inconsequential, though. The focus should be on understanding the data at time of creation and hardening it to minimize the risk of exposure in the first place; once it’s protected at its core, a breached perimeter is less of a threat.
Advancing IT comes with an inherent fear of making it less secure.
As heterogeneous infrastructures continue expanding, the IT teams responsible for them are understandably worried about what that will mean for their security capabilities. New solutions and vendors not only create new management and monitoring challenges, but they sometimes create fresh budget challenges, as well. It’s not a hopeless situation, though. Businesses struggling with this balance need to invest the time in researching and implementing elegant, unified solutions that simplify their struggles, rather than add to them.
Preventing future breach attempts will require working with new, future-facing technologies.
The best approach is to adapt and evolve alongside the changing security ecosystem and advancing technologies, rather than fighting them. There’s a shift happening in the IT landscape. We’ve established why traditional solutions for security and the data center are ineffective when it comes to protecting data – a reality that is difficult to swallow for many security and IT managers, due to the high price tag generally associated with those preferred technologies – so it’s time for the next step toward more forward-thinking offerings. The midmarket is particularly eager for a new option when it comes to cybersecurity strategy, as they often can’t afford enterprise-level protection, and if they do front the cost, they may find it wasn’t worth the investment due to some of these lacking capabilities regarding prevention. Modern technologies have adapted to make up for the shortcomings of traditional strategies, as well as reduce costs to offer greater accessibility to a wider range of organizations with less expansive security budgets. Businesses that recognize these new necessities and adjust accordingly, integrating newer solutions that protect data at its core with supplementary endpoint tactics, have a much better chance of identifying and responding to modern threats in a way that ensures business continuity and productivity.
There’s no denying these are difficult circumstances to address. All these obstacles put in harsh perspective how ill-equipped some modern businesses can be when it comes to protecting their information assets. It’s no surprise IT teams aren't eager to discuss data security struggles when the tools at their disposal can't solve the root problem, but this doesn’t have to be the case. The industry is poised on the brink of a paradigm shift in the way security and IT teams think about cybercrime and effective data protection. Prioritizing a comprehensive security strategy that works from the inside out rather than relying on a build-the-wall, outside-in plan is the first step to concretely reshaping security strategies. By recognizing the specific areas where there’s room for improvement in regards to eliminating vulnerable information in the first place, as well as understanding, monitoring and managing the data at its creation, IT and security execs can get on the same page about what it takes to combat modern risks, and discussions of data security struggles will no longer be off limits.