Lee Foster – Head of Cyber Security and Information Management at Insentra.
With the rapid rise and volatility of Crypto Currencies together with the ease at which vulnerabilities and exploits are traded on the dark web, we will continue to face ever-increasing and evolving threats like “Spectre & Meltdown” and, so quickly yesterday’s news, “WannaCry and Petya”. Add to that the plethora of buzzwords and confusing narratives surrounding emerging threats and changes to legislation that will impact all areas and business verticals serviced by the channel, it is difficult to filter through the noise. In attempt to bring some order for seeming chaos, maybe we should start with some simple questions.
What innovations will we see in the near future?
The Disruption of BlockChain
With the continued evolution of BlockChain and the inherent benefits of immediate global cross border payments more and more businesses will be disrupted. As organisations adopt blockchain based technologies and cryptocurrencies, we are faced with a whole new paradigm for cybersecurity. The way in which information and financial information is shared, stored, and managed will see a vast and dynamic change. Trust is going to be redefined on all fronts and it’s going to come down to Risk vs Reward. Already some of the big banking corporations have recognized huge savings in fee’s by adopting Ripple and XRP to achieve immediate settlements. With every evolution in technology, cybercrime is in lockstep. Threat vectors are changing almost daily and typical end-point protection is not enough. Cyber criminals are leveraging machine learning and artificial intelligence (there I used two of the buzzwords) to watch and learn user behaviour. Gaining access to a user’s private of a crypto wallet is far more attractive than hacking an endpoint. In the same way that the cybercriminal is leveraging next generation tools, the current and emerging security vendors will evolve and accordingly. It will simply come down to the way in which businesses transact and where the focus of the potential attacker will be. It is critical that security vendors in the same way the financial institutions have done stay in lock step with technology innovation.
Artificial Intelligence is going to explode, organisations need to adapt and adopt AI into their arsenal to turn the corner and get ahead of both legal and illegal adversaries. Australia and New Zealand are known for its adoption of bleeding edge or next-generation technology so the race between cybercrime, legislation, and the current and emerging security vendors is going to be an exciting arena to be in.
What significant challenges could my organisation be facing?
2018 brings some challenging new legislation. Mandatory breach notification is already making a lot of organisations nervous and as a direct result is bringing the spotlight directly on to information governance and security. Organisations are facing the challenge of truly understanding the information that is created and how it is used, shared, stored, and ultimately deleted. A culture shift is required, and in turn creates its own challenges. Business is built on trust, but for that trust to stand up it must be foundational or from the ground up. Security is paramount and getting the security platform and posture right, nurtures trust. Understanding information will empower organisations to make informed decisions. Basing decisions on “trust” alone without any insight will leave organisations wide open.
What should I be doing now to overcome these challenges?
Let’s start with a premise. There are two types of organisation – one that has been breached and one that doesn’t know they have been breached. So what to do?
First, discover, discover, discover. Use available tools to reach out and understand every point of interaction with corporate information (transaction channels, storage locations, on premises and cloud services, mobile devices, portable storage and the like).
Secondly, undertake security cultural awareness education. What is that you ask? Well, this kind of education outlines and answers the key questions;
- What constitutes a breach?
- How does a breach happen?
- Who is accountable for the information created, handled, stored and shared?
- How does my behaviour contribute towards a potential breach?
Define and create policy (discover only) that confirms what you collated in discovery. Are users doing what you expected, are your systems and information being access in the manner you expected (most likely not)
Next, create and adopt a policy for the categorisation of information, allowing for e-discovery to provide what you have discovered and now know, which in turn will help towards compliance and regulation readiness.
Is there professional help available to me?
The security team at Insentra have developed a methodology for Data Loss Prevention (DLP) Adoption to helps partners and customers begin or adapt their Security strategy whilst improving their DLP maturity. This process starts with a discovery session and then sets clear timelines and objectives in an agile manner to allow continuous risk reduction and improvement over time. Month by month and organisation can see which risk areas in the adoption plan have been mitigated against and what the focus areas are for the next month. Avoiding or surviving an attack is one thing; it’s an organisations ability to learn and evolve that will set them apart from those that do not survive, for some the loses will be too high and the retrospective story will not be so bright.
You cannot secure what you cannot manage, you cannot manage what you cannot see.
