Approaches to Cybersecurity

Taking a Multifaceted Approach to Cybersecurity

By Samuel Greengard  |  Posted 2016-09-20 | Baseline – Cybersecurity

As the threat landscape grows, there’s a need to take a proactive approach that incorporates multilayered security, advanced analytics and user education.

Today, no word strikes greater fear in the heart of a business or IT executive than “cybersecurity.” As threats become more common and dangerous—and high-profile breaches emerge as the new normal—there’s a growing recognition that conventional methods and approaches aren’t enough to secure an enterprise.

“In the past, if you had basic protections in place—things like a firewall, antivirus and intrusion detection—you were mostly safe and secure,” states Jeremy Samide, CEO of security advisory and cyber-intelligence firm Stealthcare. “The risks now extend far beyond the perimeter.”

Protecting systems and data in the era of connected networks, systems and devices is daunting, and businesses have become primary targets for malware, ransomware and direct theft. As Samide puts it: “It’s a chaotic and confusing environment. There are multiple threat vectors, increasingly sophisticated and effective attacks, and a general lack of security standards.”

The end result? According to the “2015 Ponemon Institute Cost of Cyber-Crime Study,” average annual losses to companies worldwide now exceed $7.7 million. Meanwhile, enterprise leaders are scrambling to address a growing array of risks, challenges and threats.

Understanding Cybersecurity Trends

Sorting through cybersecurity trends and arriving at a set of solutions and cybersecurity best practices is challenging. A starting point, says Polo Chau, an assistant professor at the Georgia Institute of Technology, is to understand that handling business and security as usual is no longer adequate.

“Companies have traditionally used a signature-based approach—along with blacklists and whitelists—to detect and manage malware and other threats,” he explains. “Today, traditional systems can’t keep up. There are too many files, too many threats that are constantly changing, and social engineering techniques that can defeat even the best security.”

Emerging cybersecurity best practices increasingly revolve around a more comprehensive and holistic framework. It’s now critical to take a proactive and nuanced approach that incorporates multilayered security, cybersecurity intelligence, advanced analytics, and user education and training.

“Advanced persistent threats now unfold over long periods of time and involve multiple phases,” Chau says. “This requires a very different cybersecurity model.”

Developing a Broad, Effective Security Framework

One organization attempting to establish a broader and more effective framework is Gold Star Mortgage Financial Group, an Ann Arbor, Mich., company that conducts business at 30 branches in 21 states, as well as online. A few years ago, the company found itself overwhelmed by security requirements, including monitoring servers, systems and devices.

“It was time-consuming and expensive to monitor everything and sort through logs on our own,” explains Andrew Bezenah, information technology and information security manager. What’s more, the manual approach increased the odds that a cybersecurity vulnerability or threat would fly below the radar and damage the company.

To deal with these challenges, Gold Star Mortgage Financial adopted EIQ Networks’ SOCVue SaaS security intelligence solution. It introduced 24x7x365 cloud-based monitoring to identify possible cyber-attacks, while helping the company adhere to regulatory requirements, including the Gramm-Leach-Bliley Act (GLBA).

The system detects threats and mitigates vulnerabilities in critical IT equipment, including both internal and external internet protocols. Rather than simply responding to an endless series of risks and threats, this approach allows the IT and security staff to work in a more strategic and proactive way, Bezenah points out.

The EIQ Networks system is just one piece—albeit a critical one—of a comprehensive framework of security tools, technologies and solutions, Bezenah says. Although the company continues to rely on a firewall, antivirus protection, intrusion detection and more, the growing complexity of cybersecurity requires a more efficient approach. The cloud-based system allows the company to ramp up protection through automated scanning of applications, mail servers and more, as well as providing insights into how to fix a problem.

As the threat landscape grows, there’s a need to take a proactive approach that incorporates multilayered security, advanced analytics and user education.

“Paying employees to handle these tasks can become very expensive and inefficient,” he says. “You have people staring at logs all day, every day attempting to spot abnormalities and anomalies. Eventually, due to human error, they will miss something.”

The approach has delivered clear and definable results. Threat detection has improved, and the company is operating within a security framework far more effectively. In the past, identifying, researching and addressing fixes could take days or even weeks. Now Bezenah and his team access a log or site using any device and diagnose a problem. If they require further assistance, an engineer from EIQ Networks is available by email or phone.

“We now have clear direction on how to fix threats,” Bezenah notes. In addition, the overall savings to Gold Star Mortgage Financial has been between 30 and 50 percent.

Implementing Cybersecurity Best Practices

These days, cybersecurity best practices are more than the sum of tools and technologies, though underlying systems remain critically important. “The final frontier is cyber-threat intelligence systems and platforms that identify problems in near-real time and deliver ways for organizations to take immediate action,” Stealthcare’s Samide explains. “The current system of reacting to threats is unsustainable and largely ineffective.”

Chau of the Georgia Institute of Technology adds that organizations must adopt a more systematic approach to cybersecurity by focusing on the most important enterprise assets and concentrating resources on data rather than systems.

Addressing today’s cybersecurity trends and requirements means considering more advanced biometrics and multifactor authentication; adopting an always-encrypted data framework; deploying more advanced analytics; relying on intelligence sharing services; conducting simulations and tests, tapping expertise from SaaS security providers that specialize in cybersecurity; and directing greater attention to insider threats.

Spear-phishing, whaling and other socially engineered attacks are increasingly in the news. An August 2016 study conducted by the Ponemon Institute and Forcepoint found that 91 percent of enterprise leaders believe insider threats will continue to grow or remain at current levels, yet only 15 percent have allocated a budget to address the challenge.

In the end, Stealthcare’s Samide says, business, IT and security leaders must think about people, processes and policies in lock-step. This leads to clear standards, as well as the ability to enforce policies and procedures effectively. Along the way, there’s a need to address a wide-ranging array of technologies and issues, including application programming interfaces (APIs), internet of things (IoT) sensors, data in motion, risk profiles for partners and external partners, device management issues and shadow IT, as well as rogue applications.

“When organizations identify their most critical applications, data and servers, it’s possible to build better protections and adopt a far more resilient approach,” Samide concludes. “The bottom line is that your organization’s most valuable assets must exist within a security framework of authentication, protection, encryption and fortification.”


Samuel Greengard writes about business and technology for Baseline, CIO Insight and other publications. His most recent book is The Internet of Things (MIT Press, 2015).
Posted in Cybersecurity, Data Security, defense intelligence, Layered Defense, Risk Management
Tags: , , , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Visit Us On TwitterVisit Us On FacebookVisit Us On LinkedinVisit Us On Google Plus

Keep Current with What’s New in Cybersecurity

Email Address:

Name:


Cybersecurity News Daily

Provides a daily summary of what's news in Cybersecurity

Archives

Recent Tweets

Categories

Follow

Get every new post delivered to your Inbox

Join other followers: