Lose Battles, But Win the War: Devising a Grand Strategy for Security
It’s clearly a good idea to build solid defenses to try to prevent successful cyberattacks, but it’s important to be realistic. Consider that 67 percent of global enterprises have now been breached, according to Thales, and you’ll soon realize that it’s not a question of “if” you’re going to be hacked, but rather “when.” Losing the odd battle is inevitable, but with the right strategy you can make sure that you win the war.
Relying upon an external perimeter of firewalls, internet proxy services and gateways is a fundamentally flawed but extremely common approach. The trouble is that once attackers find a way round your “Maginot Line” of defenses, they have a clear run on Paris, which in this analogy is your data. The most valuable asset any company possesses is its data, so perhaps starting there and building defenses out is a better way to view the problem.
Let’s take a closer look at a few vital considerations for anyone drawing up a grand strategy for security.
Clouds on the Horizon
The enterprise has embraced the cloud, and cloud services have proliferated in the last few years. While 81 percent of enterprises have a multi-cloud strategy today, according to RightScale’s State of the Cloud Report, 77 percent have correctly identified security as a challenge. It’s not unusual for an enterprise to be working with 20 different cloud providers. Businesses and their end users are typically using hundreds of cloud services at any given moment. This all adds up to massive potential for data leakage, for data loss, and for regulatory compliance issues.
Cloud services are often adopted directly by business units now, so resilience and business continuity may not have been given the consideration they’re due. Many organizations are also exposing internal data through their APIs, which could be providing business competitors with valuable insights that can be used to dull your competitive edge.
A proper assessment of your potential business risk requires a broad interrogation of your cloud adoption, backed up by comprehensive protection at the edge, where people connect.
Detecting Data Leakage
Just as sensitive business data may be exposed by multi-cloud environments, personal data is increasingly at risk through social media. When data gets into the wrong hands it represents a serious threat to your security. You can’t take it for granted that your data isn’t out there. Just because you haven’t detected a breach doesn’t mean that it doesn’t exist; after all, most breaches are several weeks old before they’re detected.
Run some business risk cyber-threat analysis tools against your company name. Search for sensitive data, whether it’s secret code names, individuals' names, your CEO's address, certain credit card numbers, account numbers, or maybe even entire paragraphs, pages or pictures in documents. You must ensure that this information is not available outside your organization, possibly even for sale on the Dark Web.
You don’t want to find anything, but if it’s out there it’s far better to know. This way you can act to protect your customers, prevent further leaks and trace possible gaps in your defenses. Proactive insight enables you to safeguard your business reputation and maintain trust and confidence.
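The kind of search described above, as an added example that is not part of the original article: it checks a piece of text for watched code names, Luhn-valid card numbers, and near-verbatim copies of an internal paragraph. The code name, the paragraph and the sample dump are all constructed for illustration.

```python
import hashlib
import re

# Constructed watchlist (hypothetical code name and internal paragraph).
CODE_NAMES = ["Project Halcyon"]
INTERNAL_PARAGRAPH = ("The merger with the northern distribution partner will be "
                      "announced after the third quarter board review is complete.")
# Constructed text standing in for something found outside the organization.
SAMPLE_DUMP = ("leaked notes: project halcyon budget. card 4111-1111-1111-1111 "
               "exp 01/30. order ref 1234567890123456. The merger with the northern "
               "distribution partner will be announced after the third quarter review.")

CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")

def luhn_valid(digits):
    """Card-number checksum; filters out order numbers and other digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def shingles(text, k=5):
    """Hashes of every k-word window, so edited copies still overlap and the
    watchlist does not hold the paragraph in clear text."""
    words = re.findall(r"[a-z0-9]+", text.lower())
    return {hashlib.sha256(" ".join(words[i:i + k]).encode()).hexdigest()
            for i in range(len(words) - k + 1)}

WATCH = shingles(INTERNAL_PARAGRAPH)

def scan(document, watch=WATCH, threshold=0.5):
    findings = []
    for name in CODE_NAMES:
        if re.search(re.escape(name), document, re.IGNORECASE):
            findings.append(("code_name", name))
    for m in CARD_RE.finditer(document):
        digits = re.sub(r"\D", "", m.group())
        if luhn_valid(digits):
            # Report only the last four digits; never copy the full number.
            findings.append(("card_number", "****" + digits[-4:]))
    overlap = len(watch & shingles(document)) / len(watch) if watch else 0.0
    if overlap >= threshold:
        findings.append(("paragraph_overlap", round(overlap, 2)))
    return findings

if __name__ == "__main__":
    print(scan(SAMPLE_DUMP))
```

The 16-digit order reference in the sample is ignored because it fails the Luhn check, and the paragraph is still flagged even though the leaked copy drops a word and the closing clause.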
Consider Your Partners
It’s vital to apply the same scrutiny to your rapidly growing ecosystem of partners and cloud services as you do to your own organization. If you don’t carefully manage this complexity and achieve a high level of oversight, then you run a very real risk of fines for non-compliance. Your customers are no more likely to apportion blame to a third-party partner than the regulators are, so you can add reputational damage to the threat list.
Working with start-ups and other digital partners is crucial to drive innovation, but perform due diligence and pick partners that are compliant, trustworthy and ISO-certified at the level you need. If new partners with less mature security strategies have access to your environment, then hackers will view them as low-hanging fruit and use them as a backdoor in. You need real visibility and control to provide secure, contextualized access for remote workers and third parties.
Artificial Intelligence and Automation
Finding threats and dealing with them swiftly and effectively is key. Within minutes of setting up a server with an open port nowadays, there are going to be exploitation attempts. Automated defenses to flag problems and close gaps are one of the best ways to nullify the threat.
Employ AI and behavioral analytics to scan for patterns and identify anomalies and suspicious traffic. If something is out of the ordinary, you can shut it down automatically with the right, properly configured tools, effectively slamming that door shut before the attacker gets in. Real-time monitoring that encompasses analysis of data movement and traffic patterns, combined with micro-segmentation of your network, can prove very effective.
Security is a war that’s continually raging, and you will lose the odd battle, but a grand strategy looks beyond that at the bigger picture, planning ahead and plotting a course for a more secure future.