Skip to content
Sean McCloat, CISSPJanuary 5, 20171 min read

Why “Between” is the Most Important Word in Cybersecurity

In our cybersecurity practice we are constantly evaluating new technologies. And there are some exceptional products coming into the market. There are technologies to intercept, identify, analyze, isolate, execute, observe, model, correlate, and many other necessary analyses. But as sophisticated as all of these products have become, it seems to me that it all comes down to “between.”

Between Devices

The first “between” is the movement of malware vertically and horizontally within the network between devices. Practitioners of cybersecurity all agree that many of the base level security measures now put into place might more appropriately be termed “network hygiene.” These firewall, endpoint, and other solutions are effective at keeping out the vast majority of bad actors, limiting intrusions to below the 1% level. We think of this as noise elimination. And it is very necessary.

Many of the new capabilities native to, or integrated with, the leading SIEM capabilities provide another important level of protection through correlation of events occurring in and between devices. In this context, solutions that are specifically targeted at identifying malware and data movement, either through heuristics or technologies such as virtual honeypots, are an invaluable addition to the client’s security solution.


Between the Ears

The second “between” is at the end user level – between the users' ears. Regardless of the security measures put into place by our clients, we see end users consistently put our clients at risk through behavior that indicates a total lack of understanding of the security challenge at hand. Learn more in "The Biggest IT Trends Impacting Business Owners."

From password complexity to the lack of consideration for protection of mobile devices, end users simply do not understand the proper set of actions required to protect corporate assets. Millennials clearly exacerbate this challenge through their natural tendency to share and live in the moment on social media. Clearly, the current approach to onboarding and training users in the important aspects of security are broken. End users are simply not learning in the manner that we are teaching. We need new solutions in this area, and fast. Micro-learning has great appeal to Millennials and is certainly an important approach to addressing this critical issue.


Sean McCloat, CISSP

Sean is responsible for Corserva’s network and security operations centers, field services, sales engineering, data center operations, and professional services. He has an intense focus on delivering exceptional customer service across a wide array of client engagements. With 25+ years of national and global experience in the IT industry, Sean has real world experience at the corporate and enterprise levels of healthcare, advertising, and logistics organizations. In addition to his CISSP certification, Sean is a CMMC-AB Registered Practitioner (RP). He leads Corserva’s assessment and compliance team, guiding companies in meeting business objectives with NIST 800-171 and CMMC.