Taking a Multifaceted Approach to Cyber-SecurityBy Samuel Greengard | Posted 2016-09-20 Email Print
As the threat landscape grows, there's a need to take a proactive approach that incorporates multilayered security, advanced analytics and user education.
"Paying employees to handle these tasks can become very expensive and inefficient," he says. "You have people staring at logs all day, every day attempting to spot abnormalities and anomalies. Eventually, due to human error, they will miss something."
The approach has delivered clear and definable results. Threat detection has improved, and the company is operating within a security framework far more effectively. In the past, identifying, researching and addressing fixes could take days or even weeks. Now Bezenah and his team access a log or site using any device and diagnose a problem. If they require further assistance, an engineer from EIQ Networks is available by email or phone.
"We now have clear direction on how to fix threats," Bezenah notes. In addition, the overall savings to Gold Star Mortgage Financial has been between 30 and 50 percent.
Implementing Cyber-Security Best Practices
These days, cyber-security best practices are more than the sum of tools and technologies, though underlying systems remain critically important. "The final frontier is cyber-threat intelligence systems and platforms that identify problems in near-real time and deliver ways for organizations to take immediate action," Stealthcare's Samide explains. "The current system of reacting to threats is unsustainable and largely ineffective."
Chau of the Georgia Institute of Technology adds that organizations must adopt a more systematic approach to cyber-security by focusing on the most important enterprise assets and concentrating resources on data rather than systems.
Addressing today's cyber-security trends and requirements means considering more advanced biometrics and multifactor authentication; adopting an always-encrypted data framework; deploying more advanced analytics; relying on intelligence sharing services; conducting simulations and tests, tapping expertise from SaaS security providers that specialize in cyber-security; and directing greater attention to insider threats.
Spear-phishing, whaling and other socially engineered attacks are increasingly in the news. An August 2016 study conducted by the Ponemon Institute and Forcepoint found that 91 percent of enterprise leaders believe insider threats will continue to grow or remain at current levels, yet only 15 percent have allocated a budget to address the challenge.
In the end, Stealthcare's Samide says, business, IT and security leaders must think about people, processes and policies in lock-step. This leads to clear standards, as well as the ability to enforce policies and procedures effectively. Along the way, there's a need to address a wide-ranging array of technologies and issues, including application programming interfaces (APIs), internet of things (IoT) sensors, data in motion, risk profiles for partners and external partners, device management issues and shadow IT, as well as rogue applications.
"When organizations identify their most critical applications, data and servers, it's possible to build better protections and adopt a far more resilient approach," Samide concludes. "The bottom line is that your organization's most valuable assets must exist within a security framework of authentication, protection, encryption and fortification."