SecurityWeek

When it Comes to Business Defense, Simplicity is the Watchword

Enterprises Must go Beyond the Perimeter and Worry About the Surface Area that is Open for Attack and the Challenge of Detecting Attacks Quickly

Cyber security, fraud prevention, compliance with regulations, and anti-money laundering measures are all facets of business defense. A failure in any one of these could leave a company facing significant fines, reputational damage and extensive forensic and remediation costs. For financial services firms, this could mean a ten-year hangover in terms of Operational Risk Capital. The challenges are many and the solutions are not simple.

Yet, simplicity is key to business defense. Complexity, in terms of the number of distinct systems, processes, data repositories, vendor relationships and other variables, creates opportunities for exploitation. Simplicity is also key in the new layered defense model, where the outer layers reduce the likelihood of a successful exploit, and the inner layers find the exploits that evade your other controls.

We’ve heard many times about defense of the perimeter–the idea that we need to keep bad people out of systems. But the perimeter is not the only consideration. You must also consider surface area and topology.

Your company’s surface area increases with every device and application that you support – especially if they are all connected. Cyber attacks on corporate systems have come from systems as varied as third-party suppliers and Point-of-Sale systems, although they are more likely to come from an infected email or a corrupted website.

Your security processes become strained by the number of devices and systems. Make sure one thousand PCs are patched; how about ten thousand? Deal with dozens of BYOD device types; how about hundreds? Add a new development environment or language to the existing one when each one has different vulnerabilities and requires different processes to secure them?

Complexity also makes it harder to spot anomalies in the system. It’s one of the reasons why break-out fraud and money laundering use hundreds of accounts and transactions. Criminals do their best to hide their activities in plain sight, mimicking normal behaviors at the micro level. It’s only at the macro level that the fraudulent patterns emerge. The more systems and processes you have, the harder it is to get that macro view, not to mention more costly and time-consuming.

Complexity hampers your controls in another way as well. If your control specialists (AML investigators, fraud investigators, and cyber security experts) spend their time acquiring data from different systems, or switching between systems to do their jobs, they are less effective. A standard response is to dedicate resources to a specific business line or even to specific systems. Unfortunately, this creates silos of information that hamper detection at the macro level. The push for convergence cites the elimination of information silos and an increase in investigator productivity among its driving forces.

So are you damned if you do and damned if you don’t? Not really – just follow Albert Einstein’s guidance, “Everything should be as simple as it can be, but not simpler.” Constantly look for ways to simplify your environment, including infrastructure, applications and business processes, then work to keep those systems secure. When constructing business cases, include the benefits of reduced risk and lower potential capital costs as part of your business rationale. From a personnel perspective, reward the people who simplify on par with those delivering the latest functionality.

In today’s hyper-connected world it’s not sufficient to worry only about the perimeter. We have to assume that fraudsters and criminals will evade some of our defenses. Therefore, we have to worry about the surface area that is open for attack and the challenge of detecting attacks quickly while they are occurring. In every instance, simplification will help.
