SecurityWeek

Risk Management

New Year’s Resolution: Return to Cyber Security Essentials

When it Comes to Information Security, 100 Percent Protection is Unattainable

As we enter 2018, it is a good time to reflect on what happened in cyber security last year. The lessons of the past 12 months can help us set a clear path for minimizing the risk of succumbing to data breaches in the New Year. In 2017, the news headlines were dominated by global ransomware attacks such as WannaCry and NotPetya, a growing number of new vulnerabilities (e.g., KRACK, WordPress, ROCA), and massive breaches such as those at Verizon, Equifax, and Uber. Considering the scale and sophistication of these attacks, many organizations need to revisit their security strategies in order to limit their exposure to cyber threats in 2018.

According to Gartner, worldwide security spending will reach $96 billion in 2018, up 8% from the 2017 spend of $89 billion. Meanwhile, we’re experiencing a continuous increase in security incidents, which raises doubts about the effectiveness of these investments. When conducting post-mortem analysis of the data breaches that occurred in 2017, it becomes apparent that many of these big breaches can be attributed to a longstanding failure to implement basic cyber security measures (e.g., multi-factor authentication), botched usage of existing security tools to streamline the mitigation of known vulnerabilities, and a lack of security measures for protecting sensitive data.

Instead of earmarking security investments for bolstering traditional perimeter defenses, which is a losing battle, organizations need to return to the essentials of cyber security. In doing so, they can improve their security posture and limit exposure to data breaches. Focusing on the following three areas will provide the greatest return on security investments in 2018.

Data Integrity

Undeniably, data is the prime target for attackers. Therefore, protecting data so it cannot be exfiltrated or modified makes preventing network breaches less critical. Unfortunately, data is often left unsecured. For example, a quick web search for “data breach and unencrypted data” produces thousands of results that illustrate how many organizations fail to protect the integrity of their data and don’t even encrypt sensitive information.

The first step to assure data integrity is to classify data into categories that reflect the business need to protect them, such as “public”, “internal use”, “confidential”, and “top secret”. Unfortunately, data classification is often abandoned due to the manual effort required to maintain an up-to-date inventory amid the constantly changing nature of information. However, some cyber risk management systems provide dynamic grouping with drag-and-drop capabilities that can automate the realignment of data classifications and propagate changes to all associated nodes.

Data classification will subsequently determine what data should be encrypted, which typically applies to all personally identifiable information (PII). Innovations in encryption technology over the past few years have eliminated many of the previous performance and deployment roadblocks. Organizations should place special emphasis on developing well-documented and implemented encryption policies for protecting sensitive data, wherever it resides and however it is transmitted.

Identity Management

Access control is the Achilles heel of many security programs, since practitioners must balance data availability with measures that prevent unauthorized usage (e.g., theft, disclosure, modification, destruction). Meanwhile, hackers often target privileged users since their accounts provide a beachhead into the entire network. Therefore, strict enforcement of well-defined access control policies and continuous monitoring of access paths to ensure they are working as intended are essential for the success of data integrity initiatives.

As part of a modern identity management model, organizations should consider transitioning to a Zero Trust model that operationalizes the “never trust, always verify” principle. With Zero Trust there is no default trust for any entity, including users, devices, applications, and packets.

Risk-Based Prioritization 

Effective prioritization of vulnerabilities and incidents is essential to staying ahead of attackers.

While security monitoring generates big data, in its raw form it remains only a means to an end. Ultimately, information security decision making should be based on prioritized, actionable insight derived from the data. To achieve this, internal security data needs to be correlated with its business criticality and external threat intelligence to derive the real risk exposure to the organization. Without a risk-based approach to security, organizations can waste valuable IT resources mitigating vulnerabilities that in reality pose little or no threat to the business.
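
To make the correlation described above concrete, the following Python is an added example, not code from the article or from any product it alludes to. It joins scanner findings with an asset inventory labelled using the data classes named earlier and with a threat-intelligence set; the weights, host names and `VULN-*` identifiers are constructed assumptions.

```python
from dataclasses import dataclass

# Weight per data class named in the article; the numeric values are assumptions.
CLASS_WEIGHT = {"public": 0.1, "internal use": 0.4, "confidential": 0.8, "top secret": 1.0}

@dataclass(frozen=True)
class Finding:
    vuln_id: str     # constructed placeholder, not a real vulnerability ID
    host: str
    severity: float  # scanner base score, 0-10

# Constructed sample inputs: scanner output, asset inventory, threat intelligence.
FINDINGS = [
    Finding("VULN-A", "kiosk-01", 9.8),
    Finding("VULN-B", "hr-db-01", 6.5),
    Finding("VULN-C", "build-07", 7.5),
    Finding("VULN-D", "hr-db-01", 4.3),
]
ASSETS = {  # host -> (classification of the data it holds, internet-facing?)
    "kiosk-01": ("public", False),
    "hr-db-01": ("confidential", True),
    "build-07": ("internal use", False),
}
EXPLOITED = {"VULN-B"}  # IDs that external intelligence reports as actively exploited

def risk_score(finding, assets, exploited):
    """Severity scaled by business criticality, threat activity and exposure."""
    # A host missing from the inventory is scored as worst case, not ignored.
    classification, exposed = assets.get(finding.host, ("top secret", True))
    threat = 1.0 if finding.vuln_id in exploited else 0.3
    exposure = 1.0 if exposed else 0.5
    return round(finding.severity * CLASS_WEIGHT[classification] * threat * exposure, 2)

def prioritize(findings, assets, exploited):
    """Return findings ordered by descending risk score."""
    return sorted(findings, key=lambda f: risk_score(f, assets, exploited), reverse=True)

def severity_only(findings):
    """Baseline: the ordering a raw scanner report would suggest."""
    return sorted(findings, key=lambda f: f.severity, reverse=True)

if __name__ == "__main__":
    print("severity only:", [f.vuln_id for f in severity_only(FINDINGS)])
    for f in prioritize(FINDINGS, ASSETS, EXPLOITED):
        print(f"{risk_score(f, ASSETS, EXPLOITED):5.2f}  {f.vuln_id}  {f.host}")
```

On this sample the highest-severity finding sits on a host holding only public data and drops to last place, while the medium-severity, actively exploited finding on the confidential database moves to the top.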

When it comes to information security, 100 percent protection is unattainable. However, by supplementing traditional perimeter defense mechanisms with data integrity, identity management, and risk-based prioritization principles, organizations can significantly reduce their exposure to Uber-scale data breaches in 2018.

Written By

Dr. Torsten George is an internationally recognized IT security expert, author, and speaker with nearly 30 years of experience in the global IT security community. He regularly provides commentary and publishes articles on data breaches, insider threats, compliance frameworks, and IT security best practices. He is also the co-author of the Zero Trust Privilege for Dummies book. Torsten has held executive level positions with Absolute Software, Centrify (now Delinea), RiskSense (acquired by Ivanti), RiskVision (acquired by Resolver, Inc.), ActivIdentity (acquired by HID® Global), Digital Link, and Everdream Corporation (acquired by Dell).
