SecurityWeek

New Year’s Resolution: Return to Cyber Security Essentials

When it Comes to Information Security, 100 Percent Protection is Unattainable

As we enter 2018, it is a good time to reflect on what happened in cyber security last year. The lessons of the past 12 months can help us set a clear path for minimizing the risk of succumbing to data breaches in the New Year. In 2017, the news headlines were dominated by global ransomware attacks such as WannaCry and NotPetya, a growing number of new vulnerabilities (e.g., KRACK, WordPress, ROCA), and massive breaches such as those at Verizon, Equifax, and Uber. Considering the scale and sophistication of these attacks, many organizations need to revisit their security strategies in order to limit their exposure to cyber threats in 2018.

According to Gartner, worldwide security spending will reach $96 billion in 2018, up 8% from the 2017 spend of $89 billion. Meanwhile, we’re experiencing a continuous increase in security incidents, which raises doubts about the effectiveness of these investments. When conducting post-mortem analysis of the data breaches that occurred in 2017, it becomes apparent that many of these big breaches can be attributed to a longstanding failure to implement basic cyber security measures (e.g., multi-factor authentication), botched usage of existing security tools to streamline the mitigation of known vulnerabilities, and a lack of security measures for protecting sensitive data.

Instead of earmarking security investments for bolstering traditional perimeter defenses, which is a losing battle, organizations need to return to the essentials of cyber security. In doing so, they can improve their security posture and limit exposure to data breaches. Focusing on the following three areas will provide the greatest return on security investments in 2018.

Data Integrity

Undeniably, data is the prime target for attackers. Therefore, protecting data so it cannot be exfiltrated or modified makes preventing network breaches less critical. Unfortunately, data is often left unsecured. For example, a quick web search for “data breach and unencrypted data” produces thousands of results that illustrate how many organizations fail to protect the integrity of their data and don’t even encrypt sensitive information.

The first step to assure data integrity is to classify data into categories that reflect the business need to protect them, such as “public”, “internal use”, “confidential”, and “top secret”. Unfortunately, data classification is often abandoned due to the manual effort required to maintain an up-to-date inventory amid the constantly changing nature of information. However, some cyber risk management systems provide dynamic grouping with drag-and-drop capabilities that can automate the realignment of data classifications and propagate changes to all associated nodes.

Data classification will subsequently determine what data should be encrypted, which typically applies to all personally identifiable information (PII). Innovations in encryption technology over the past few years have eliminated many of the previous performance and deployment roadblocks. Organizations should place special emphasis on developing well-documented and implemented encryption policies for protecting sensitive data, wherever it resides and however it is transmitted.

Identity Management

Access control is the Achilles heel of many security programs, since practitioners must balance data availability with measures that prevent unauthorized usage (e.g., theft, disclosure, modification, destruction). Meanwhile, hackers often target privileged users since their accounts provide a beachhead into the entire network. Therefore, strict enforcement of well-defined access control policies and continuous monitoring of access paths to ensure they are working as intended are essential for the success of data integrity initiatives.

As part of a modern identity management model, organizations should consider transitioning to a Zero Trust model that operationalizes the “never trust, always verify” principle. With Zero Trust there is no default trust for any entity, including users, devices, applications, and packets.

Risk-Based Prioritization 

Effective prioritization of vulnerabilities and incidents is essential to staying ahead of attackers.

While security monitoring generates big data, in its raw form it remains only a means to an end. Ultimately, information security decision making should be based on prioritized, actionable insight derived from the data. To achieve this, internal security data needs to be correlated with its business criticality and external threat intelligence to derive the real risk exposure to the organization. Without a risk-based approach to security, organizations can waste valuable IT resources mitigating vulnerabilities that in reality pose little or no threat to the business.
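The correlation described above can be sketched in a few lines. This is an added example, not code from the article or from any product it alludes to; the asset names, finding IDs, criticality scale, threat feed and weighting formula are all constructed assumptions chosen to show how a risk-based ranking diverges from a severity-only one.

```python
# Added example: rank findings by risk instead of raw severity.
# Every host, ID, weight and feed entry below is constructed for illustration.
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    finding_id: str   # placeholder IDs, not real CVEs
    asset: str
    cvss: float       # technical severity, 0.0-10.0

# Business criticality per asset (1 = disposable lab box, 5 = regulated data).
ASSET_CRITICALITY = {"hr-db": 5, "web-frontend": 4, "build-agent": 2, "test-vm": 1}

# External threat intelligence: findings with exploitation observed in the wild.
EXPLOITED_IN_WILD = {"VULN-0002", "VULN-0004"}

FINDINGS = [
    Finding("VULN-0001", "test-vm", 9.8),
    Finding("VULN-0002", "hr-db", 6.5),
    Finding("VULN-0003", "build-agent", 8.1),
    Finding("VULN-0004", "web-frontend", 7.2),
    Finding("VULN-0005", "unknown-host", 5.0),
]

def risk_score(f, criticality=ASSET_CRITICALITY, exploited=EXPLOITED_IN_WILD):
    """Severity scaled by business criticality, doubled under active exploitation.

    Assets missing from the inventory are assumed to be top criticality so an
    unclassified system cannot silently sink to the bottom of the queue.
    """
    crit = criticality.get(f.asset, 5)
    threat = 2.0 if f.finding_id in exploited else 1.0
    return round(f.cvss * (crit / 5) * threat, 2)

def prioritize(findings):
    """Order findings by descending risk score; ties broken by CVSS."""
    return sorted(findings, key=lambda f: (risk_score(f), f.cvss), reverse=True)

def severity_only(findings):
    """Baseline ordering that ignores business context and threat intelligence."""
    return sorted(findings, key=lambda f: f.cvss, reverse=True)

if __name__ == "__main__":
    for f in prioritize(FINDINGS):
        print(f"{f.finding_id}  {f.asset:<13} cvss={f.cvss:<4} risk={risk_score(f)}")
```

With this sample data, the CVSS 9.8 finding on the test VM tops the severity-only list but lands last once criticality and threat intelligence are applied, while the moderate finding on the HR database moves to the front.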

When it comes to information security, 100 percent protection is unattainable. However, by supplementing traditional perimeter defense mechanisms with data integrity, identity management, and risk-based prioritization principles, organizations can significantly reduce their exposure to Uber-scale data breaches in 2018.

Written By

Dr. Torsten George is an internationally recognized IT security expert, author, and speaker with nearly 30 years of experience in the global IT security community. He regularly provides commentary and publishes articles on data breaches, insider threats, compliance frameworks, and IT security best practices. He is also the co-author of the Zero Trust Privilege for Dummies book. Torsten has held executive level positions with Absolute Software, Centrify (now Delinea), RiskSense (acquired by Ivanti), RiskVision (acquired by Resolver, Inc.), ActivIdentity (acquired by HID® Global), Digital Link, and Everdream Corporation (acquired by Dell).
