The classic R&B hit “Ain’t No Mountain High Enough” could be the theme song for the age of cybersecurity. The tune recounts a young couple’s pledge that nothing will keep them apart. Cyber criminals take a similarly passionate stance when approaching your data: higher mountains and lower valleys won’t keep them away.
It’s no wonder keeping systems and data secure lies at the heart of every CIO’s agenda today. How can the cybersecurity issue be ignored? Headlines scream about data security breaches on such a regular basis that we’ve become fatigued by the news. Security teams are running full blast every day, but the entire organization must bring its A-game when it comes to staying vigilant and protecting data assets.
We haven’t seen the last of the breaches by a long shot. Despite the headaches they cause enterprises, breaches continue because many organizations view cybersecurity as a matter of building higher mountains and wider rivers at a faster pace. But the latest breaches show that strategy is insufficient. We must have good processes to keep known attackers at bay. The added challenge now is how to handle attackers who manage to get through or insiders who’ve gone to the dark side.
It’s a confusing issue. The sheer number of approaches for solving the cybersecurity puzzle makes it seem like the Wild West out there. Some enterprises have even turned to the insurance industry to mitigate the risks of a major cyber breach. But can you ever have enough insurance? At last count, Target’s 2013 data breach left the retailer with a $162 million recovery bill despite investing millions of dollars in cyber insurance.
Recent IDC research suggests 35 percent of all cyberattacks go undetected. Attackers often lurk inside an organization’s ocean of systems for months before they make a move that can have catastrophic effects on customer and investor confidence. This is a board-level issue, and it’s critical for top executives to support a strategy that will help the enterprise confront threats head on before actual damage occurs. Steps for gaining a deeper understanding of the issue include:
- Develop a snapshot of normal. Use available data to paint a picture of what your organization’s everyday network activity looks like. If it’s not typical for workstations in finance to probe workstations in R&D, check it out. The norm today is that somebody gets phished and credentials are stolen. The attacker gets inside and swims around until he locates the organization’s soft underbelly. That’s why it’s important to know what your “normal” looks like so you can spot abnormal patterns more easily and beat attackers at their own game.
- Kick it into high gear. Large-scale cluster computing and analytic algorithms designed to scale on those clusters used to be too expensive for most enterprises to consider. Not true today. Leveraging big computing and deep analytics can help in regaining control when attackers inevitably penetrate your defenses.
- Get into analysis. Consider real-time predictive and behavioral analytics as part of your organization’s force field. It’s vital for evaluating patterns, detecting potential threats and gathering additional insights to decrease data vulnerability over time.
- Avoid rabbit holes. False alerts are a big challenge in all complex systems from warranty analysis to predictive asset maintenance. Cybersecurity is no different. Meaningless alerts tie up staff — and worse — divert their attention away from true threats. The context of an alert is critical, and can best be achieved through effective behavioral analysis.
While all the steps above are key, one of the most important cybersecurity goals is acknowledging that protecting systems isn’t the domain of the IT department alone. Leaders must step up and help their teams understand that everybody plays a role in keeping the assets of the organization safe and secure. It’s relatively easy for professional attackers to find weaknesses in an organization. Meeting them head on with a well-educated and diligent staff is every organization’s best defense.
Marvin Gaye and Tammi Terrell may have said it best in the 1960s, but you can be your organization’s rock star today by demanding that everybody views cybersecurity as a 24/7 endeavor. Attackers are always watching you. Make sure you return the favor.