Information security isn't what it used to be — firewalls, although necessary, are not enough to prevent a data breach. The problem for IT is that the old methods of keeping data secure are not enough to stop intruders who, for instance, use sophisticated phishing attacks on unaware employees.
Ashok Sankar, director of cybersecurity at Raytheon-Websense, said in Computer Weekly that cybercriminals are determined to breach company security walls, no matter how long it may take them. But these concerns can't pose a roadblock to innovations in, say, the cloud, and impede businesses in their efforts to access new markets and gain a competitive advantage.
RSA president Amit Yoran agrees, according to SC Magazine, calling information security fundamentally broken. Firewalls and policing network perimeters are just things that make you "feel safe" but don't address real security problems.
The evolution of security is widely discussed in the technology community:
Cyber security panel agrees: "perimeter protection is dead." There's no firewall good enough. #slsecomm2015
— Jacob L. Rogers (@JacobLRogers55) June 8, 2015
#@RegardingPaul said at #CSZSS15 there is no silver bullet for security! Don't believe anyone who tells you otherwise..
— tdusmoha (@tdusmoha) November 26, 2015
Traditional approaches to security are making us more vulnerable to attack, suggests Yoran. It's time to rethink security to become less reactive and more resilient.
Measure Your Detection Deficit
Teach employees to use all of their mobile devices, cloud applications and business innovations securely. "This means understanding their needs, explaining to them the security implications and coming to a consensus on what can and what cannot be done," says Sankar. "If employees want flexibility, they must understand the responsibilities that go with that."
Stop measuring security strength by the number of attacks a system has endured and stopped. Instead, monitor the time elapsed between the data breach and when the intruder has been detected and contained — otherwise known as the detection deficit.
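One way to track the detection deficit described above, as an added example that is not part of the original article: the Python below computes hours from breach to detection and from breach to containment for each incident. The record fields, incident IDs and timestamps are constructed for illustration, and it assumes an incident that is not yet contained keeps accruing deficit up to the time of measurement.

```python
from datetime import datetime, timezone
from statistics import median

# Constructed sample incident records (not real data). Timestamps are ISO 8601 UTC.
# "breached" is the earliest evidence of compromise established during investigation.
INCIDENTS = [
    {"id": "INC-001", "breached": "2015-03-02T08:15:00+00:00",
     "detected": "2015-03-20T14:00:00+00:00", "contained": "2015-03-21T09:30:00+00:00"},
    {"id": "INC-002", "breached": "2015-06-10T22:40:00+00:00",
     "detected": "2015-06-11T01:10:00+00:00", "contained": "2015-06-11T06:00:00+00:00"},
    {"id": "INC-003", "breached": "2015-09-01T00:00:00+00:00",
     "detected": "2015-11-15T12:00:00+00:00", "contained": None},  # still active
]

def _hours(start, end):
    return (end - start).total_seconds() / 3600.0

def detection_deficit(incidents, now):
    """Per-incident hours from breach to detection and from breach to containment."""
    rows = []
    for inc in incidents:
        breached = datetime.fromisoformat(inc["breached"])
        detected = datetime.fromisoformat(inc["detected"])
        if detected < breached:
            raise ValueError(f"{inc['id']}: detection precedes breach")
        contained = datetime.fromisoformat(inc["contained"]) if inc["contained"] else None
        end = contained or now  # an open incident is measured up to `now`
        rows.append({
            "id": inc["id"],
            "to_detect_h": _hours(breached, detected),
            "to_contain_h": _hours(breached, end),
            "open": contained is None,
        })
    return rows

def summarize(rows):
    detect = [r["to_detect_h"] for r in rows]
    contain = [r["to_contain_h"] for r in rows]
    return {
        "median_to_detect_h": median(detect),
        "worst_to_detect_h": max(detect),
        "median_to_contain_h": median(contain),
        "open_incidents": [r["id"] for r in rows if r["open"]],
    }

if __name__ == "__main__":
    now = datetime(2015, 12, 1, tzinfo=timezone.utc)
    for key, value in summarize(detection_deficit(INCIDENTS, now)).items():
        print(key, value)
```

Tracking the median alongside the worst case keeps a single long-running intrusion from being hidden by many quickly detected ones.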
Firewalls Aren't Impervious to Breaches
Firewalls also do little to contain intrusions at the business level. To best protect your organization's assets, prepare for an advanced persistent threat (APT), which is usually purposeful and carried out with malicious intent.
Assess Your Loopholes and Know What to Protect
The first step is to prioritize. Align your security goals with those of business executives to determine which assets are most sensitive. "It is now imperative to develop a layered security approach that will amp up the security arsenal with a 360-degree visibility into all corners of the network," warned Chloe Green, security reporter for Information Age.
Ultimately, you need to improve how you monitor for and detect a data breach, which can arise from loopholes in your security system that a lockdown protocol is ineffective against once malware has been installed. Once these endpoints are closed, you'll be able to better protect your most important information.
What Absolutely Needs Securing?
According to a report by the privacy and data-protection team at Baker & Hostetler LLP, 36 percent of problems were born out of employee negligence; only 22 percent came from external theft.
Informing your employees not only about what information they have to protect but also about how they should protect it will lower the majority of your post-breach data loss risk.
Preparing for an APT Prepares You for the Worst
If you're going to contain the scope of a potential APT, a firewall won't be enough. End-to-end encryption for data in motion and comprehensive monitoring of all inbound and outbound traffic in your network have to be top priorities. End-to-end encryption protects data being transferred or shared between endpoints, whether people or systems. Pair your traditional security solutions with advanced detection and real-time analytics, provided they're configured to detect malicious activity before it causes actual damage. Differentiate this traffic by identifying patterns with an IP-based device that connects to the network, and you'll be able to isolate the problem immediately if it occurs.
Security measures can help you minimize the looming threat of a data breach. It's no longer practical — let alone sustainable — to approach problems with the idea that they can all be prevented once they touch your network.