In our cybersecurity practice we are constantly evaluating new technologies. And there are some exceptional products coming into the market. There are technologies to intercept, identify, analyze, isolate, execute, observe, model, correlate, and many other necessary analyses. But as sophisticated as all of these products have become, it seems to me that it all comes down to “between.”
Between Devices
The first “between” is the movement of malware vertically and horizontally within the network between devices. Practitioners of cybersecurity all agree that many of the base level security measures now put into place might more appropriately be termed “network hygiene.” These firewall, endpoint, and other solutions are effective at keeping out the vast majority of bad actors, limiting intrusions to below the 1% level. We think of this as noise elimination. And it is very necessary.
Many of the new capabilities native to, or integrated with, the leading SIEM capabilities provide another important level of protection through correlation of events occurring in and between devices. In this context, solutions that are specifically targeted at identifying malware and data movement, either through heuristics or technologies such as virtual honeypots, are an invaluable addition to the client’s security solution.
Between the Ears
The second “between” is at the end user level – between the users' ears. Regardless of the security measures put into place by our clients, we see end users consistently put our clients at risk through behavior that indicates a total lack of understanding of the security challenge at hand. Learn more in "The Biggest IT Trends Impacting Business Owners."
From password complexity to the lack of consideration for protection of mobile devices, end users simply do not understand the proper set of actions required to protect corporate assets. Millennials clearly exacerbate this challenge through their natural tendency to share and live in the moment on social media. Clearly, the current approach to onboarding and training users in the important aspects of security are broken. End users are simply not learning in the manner that we are teaching. We need new solutions in this area, and fast. Micro-learning has great appeal to Millennials and is certainly an important approach to addressing this critical issue.