Taking A Holistic Viewpoint On Enterprise Cyber Safety

Mitigate Deeper Issues Rather Than Bandaging Symptoms

In cyber safety, sometimes short-term fixes are used without in-depth analysis into the root cause of the issue.

An organization feels certain symptoms—numerous vulnerabilities on systems or poor cyber practices of people within their organization—and often looks to bandage solutions such as tools and technologies to fix its issues, without conducting a truly in-depth analysis of what these symptoms might reveal regarding underlying causes.

Instead of thinking about what can be done to mitigate the deeper issues, the focus is just on the immediate symptoms.

Getting At The Root Cause

Thankfully, there is a common strategy for getting to the heart of the issue. We need to take a holistic and integrative approach: first conduct a root-cause analysis of the factors that create the symptoms, then determine the best response by looking at the whole picture of what is needed and integrating a variety of aspects into a well-designed solution.

Let me break this into smaller parts specifically in the example of a healthcare organization that is concerned about cyber safety. Using the mind-body-energy connection that is well known in the healthcare field, for the “mind” aspect, let’s consider the mindset of an organization, its leaders, and its staff. How is cyber safety and security regarded in the organization? Is it thought of as a barrier to the mission, or an enabler of the mission? Do all the roles, stakeholders, users, and leaders look only to the CISO or their teams to solve their cyber gaps, or do they feel that everyone has a role in cyber?

In this example, an organization’s tools and technologies will stand in as the “body” aspect. Is each tool an organization deploys truly analyzed for all the capabilities it offers? How many of a tool’s functionalities are actually being used? How many tools does the organization have that all seem to do similar things, and how effective are these tools? Are the tools and the results they achieve measured against a standard baseline for effectiveness or efficiency?

Building A Culture That Supports Cyber Safety

For the largest and most important aspect of this connection, let’s look at the “energy” or culture of the organization. The energy of the organization is the culture, which always starts with its leadership. Are diversity and inclusion factored into the organization, including its cyber teams? What is the level of social and emotional maturity within the organization and its people? Are staff provided with training and opportunities to learn emotional intelligence or interpersonal communication skills? Is there freedom to innovate and bring creativity into the workplace? Last but not least, are staff empowered to do the right thing even when no one is watching?

All of these aspects make up a robust and comprehensive cyber safety program in any organization:

  • Empowering people with the right skills, knowledge, support, and opportunities and embedding cyber into everyone’s roles;
  • Looking at technical solutions using a holistic view to truly provide effective and impactful solutions (instead of bandage solutions);
  • Taking a community-centered approach to cyber within an organization and between organizations so that everyone understands their role in protecting and safeguarding the mission.

There are many ways to ensure that cyber is factored into every aspect of an organization. We must include security in every step of a system’s lifecycle. Systems include anything that is purchased that is considered “IT,” such as computerized systems, medical instruments/devices, applications, networks, servers, workstations, etc. Cyber security reviews and analysis must be built into the procedures starting from the acquisition stage, through implementation and operation, and at the disposition stage. This will ensure that security concerns and risks are captured and mitigated from the beginning all the way through the end and help avoid sudden surprises and reactive measures.

Another aspect of ensuring cyber is embedded into everyone’s roles is to make sure that each role within an organization is properly trained on how to do its job in a secure manner, is provided opportunities to learn on the job, and also has opportunities for commercial training.

Taking A Bird’s Eye View

Lastly, as technology progresses and gets more complex, we must take a moment to pause and step back to look at things from a holistic viewpoint. Too often, people are running towards the next newest thing or the next “shiny” tool or technology that everyone else is using, assuming that it will be a magic bullet or cure for all the concerns. It will be in our best interest as healthcare organizations to take a step back and look at the big picture, to dig deep and find the root causes of our concerns so that we can truly effect positive changes in cyber throughout our organizations.

Source: https://www.cshub.com/security-strategy/articles/taking-a-holistic-viewpoint-on-enterprise-cyber-safety

4 Reasons Why Passwords Are Becoming A Thing Of The Past

Passwordless Authentication Is Enabler Of The Future

The platform economy is changing how companies interact with customers. Enterprises need to connect with their customers efficiently to successfully and rapidly match the latter’s wants and needs with services and products. Being able to authenticate users to enable efficient and effective interaction with organizations is vital to business strategies of the future.

Password-based consumer authentication was initially designed for employees, not customers or clients. User experience was not a concern. Today, in the age of fingerprint readers and facial recognition, people expect a seamless customer experience, and passwords are becoming a key factor in poor customer retention rates. Furthermore, from setup to reset and decommission, password management is costing companies millions of dollars per year.

In terms of cybersecurity, weak password management is central to the entire criminal ecosystem. Passwords are difficult to secure and most cyber breaches stem from weak or stolen passwords. A breach of a single platform can impact millions of individuals and interconnected enterprises. Credential stuffing attacks, where criminals use stolen credentials leaked and shared online, represent nine in 10 login attempts on major retail sites.

Digital trust is a precondition for unlocking the promise of the platform economy. The World Economic Forum Centre for Cybersecurity is actively working to improve authentication, a pillar of cybersecurity, to ensure a secure digital future for everyone. In collaboration with the FIDO Alliance, the World Economic Forum has launched a white paper on Passwordless Authentication: The next breakthrough in secure digital transformation, which proposes six core principles for transition to a password-free future. Here’s why:

Better User Experience

Authentication is the entry point to an online service. Passwordless authentication replicates how people in the real world recognize one another by using techniques such as biometrics, based on inherent physical attributes or who we are. It is customer-centric and eliminates issues such as the common struggle of typing complex passwords on a foreign keyboard. In the near future, users will be able to authenticate onto any platform via the devices they carry with them everywhere. Ultimately, an enhanced user-centric experience also results in stronger security, as users are much less likely to try circumventing cumbersome processes.

Robust Security

Login credentials to bank or social media accounts are on sale on the dark web for as little as $7. This is not just an issue for the individual user whose identity has been compromised – the unchecked rise of digital criminal activity is driving global cybercrime to unprecedented levels, and is undermining trust in government institutions. The digital economy is also enabling new waves of serious organized crime.

Passwordless authentication eliminates a long list of attack vectors, from credential stuffing to phishing attacks. When companies transition to new authentication solutions, they reduce their exposure to data breaches. Passwordless solutions require no personal information to be stored or transmitted over the internet; the risk of online fraud and identity theft is therefore greatly reduced. Furthermore, most passwordless authentication leverages two distinct authentication factors, providing more robust security guarantees than a single password.

Improved Interoperability

The interoperability of authentication solutions unlocks value. Interoperability allows new users to access certain services, existing users to transact more broadly and digital services to offer their users new ways to transact. Applying a standards-based approach means that the implementation work is largely completed, and service providers can get started faster on their path to passwordless authentication. It greatly reduces development time and unlocks access to new markets that are adopting certified solutions. It allows for international compatibility and expansion.

Regulations such as GDPR impact businesses serving European users, regardless of where the business is registered. Passwordless authentication facilitates compliance with such international regulations, which is key to expanding digital businesses across geographies.

Reduced Costs

Enterprises often struggle to balance security with business realities. Not only does passwordless authentication improve security, the user experience and interoperability, it reduces business costs and improves revenues by boosting productivity and brand perception.

According to a recent survey, employees spend more than 10 hours each year managing their passwords. This represents over $5 million a year for a company of 15,000 employees. With standards such as those developed by the FIDO Alliance, password administration is significantly simplified – and, most notably, costs associated with call centres are cut. Two and a half months is the average time that company IT staff spend resetting internal passwords, at an estimated cost of up to $70 per password reset. One study found that businesses spend $1 million annually in helpdesk costs alone to deal with password resets.

Looking at global cyber-risks, 4 in 5 breaches involve weak or stolen passwords, and the average cost of every breach is $3.92 million. When there are no passwords for criminals to steal, the possibility of illegitimate access to a company’s networks is significantly reduced, which translates into lower insurance premiums.

The parameters of authentication are much broader than passwords alone. Accurate and reliable authentication is the essential foundation of digital trust. It is an enabler of cybersecurity in the digital economy and of the Fourth Industrial Revolution. In other words, passwordless authentication is an enabler of the future.

Source: https://www.cshub.com/security-strategy/articles/world-economic-forum-4-reasons-why-passwords-are-becoming-a-thing-of-the-past

The Immediate Impact Of AI In The Security Operations Center (SOC)

Artificial intelligence (AI) is poised to make rapid advancements and its impact is already being felt in many aspects of the enterprise organization.

Not surprisingly, cyber-attackers are leveraging machine learning and other AI-related technologies to carry out more frequent and more sophisticated attacks.

As these technologies proliferate, however, the dilemma becomes how the tools can shape the future of cyber security – and specific practices as they relate to the enterprise. For example, will AI streamline incident response and pare down the exorbitant number of notifications that a security team fields on a daily basis?

AI resources will likely enhance enterprise and consumer security, and change the tech ecosystem. But what role does the InfoSec officer play in this digitally augmented world? Where do the needs of each intersect and how will that shape cyber security’s trajectory?

Is Machine Learning Mature Enough For Mission-Critical Enterprise Workflows?

While AI is the glossy new solution that C-level executives may be after, it is still embryonic and in proof-of-concept stage even in the most tech-savvy organizations. How quickly will that phase change, and progress toward more uniformity?

Basic automation tools are capable of gathering and organizing data into reports that human agents can then use to forecast and plan. With machine learning, that data can be analyzed by AI at a rate of speed and accuracy far greater than humans are capable of. The analysis and actions taken maintain a human-in-the-loop process. In the end, automation is helping humans make data-driven and more accurate business decisions.

Despite some glowing reviews of AI projections in the workspace, the technology must still evolve and advance. It is accompanied by a plethora of challenges, some of which include the security team’s knowledge base and the prospect of data overload.

Market Report Describes Crossover Opportunity

Cyber Security Hub developed a special report to dissect this crossover – between today’s AI solutions and their immediate impact within the security operations center (SOC). AI and machine learning capabilities beyond the cyber security sphere may have already seen rapid growth (automation, weapons guidance, threat intelligence, etc.), but as it stands within the enterprise, they currently augment existing capabilities, reduce overhead and serve as an added layer of defense that sits behind various other tools.

Read the full market report, “Cyber Security & AI: Intersecting Needs With Innovation,” for no cost. The report discusses the need for AI in cyber security, accepting change in process and mindset with data-driven insights, and the road ahead for use of AI in both offensive and defensive security activities.

Source: https://www.cshub.com/data/articles/the-immediate-impact-of-ai-in-the-security-operations-center-soc

The Value Of Separating Compliance And Enterprise Cyber Security Goals

The General Data Protection Regulation, a mandate from the European Union (EU), went into effect May 25, 2018. The regulation is comprehensive insofar as protecting data and information security practices at the enterprise level. Somewhat similar opt-out legislation, the California Consumer Privacy Act (CCPA), went into effect January 1, 2020.

Those who are not compliant with these laws run the risk of receiving steep fines. To provide some background on the GDPR regulation, Cyber Security Hub created a market report offering end-user “best practices” and stacking GDPR up against other international measures on compliance. Further, it provides insight on separating compliance measures from technical, security-driven events in the enterprise.

Cooperation Is Key To Data Privacy Transformation

While the GDPR reveals numerous challenges for multinational organizations, it underscores the importance of interdepartmental communication and cooperation.

Due to its broad scope, GDPR requires “complete transformation” within the organization. Data privacy and cyber security law expert Jamal Hartenstein said, “Cooperation and engagement of senior management, and forming the right team will be key to successful GDPR maturity.”

As its effects trickle down to various business units, different departments may need to document a process-flow diagram of how data traverses their enterprise, Hartenstein said.

The broad nature of the regulation demands attention from customer service technicians, network management employees, public affairs, backup and disaster recovery employees, the legal department, and more.

Similarly, Glenda Lopez, Director of Global Risk and Compliance at The Henry M. Jackson Foundation for the Advancement of Military Medicine said that “the overall culture of an organization embracing security and the rapid changes is key.”

She continued: “People, process and technology are crucial to maturity as security has tentacles and touches everything within an enterprise. Security practices should not be siloed. It has been and always will be an enterprise-wide job and involves the entire organization.”

Compliance Versus Security

With the expanding workload of today’s chief information security officer (CISO) and other members of the security team, it’s tough to draw a line in the sand between security operations and compliance measures. In order to be compliant, one must have a calculated security posture.

In order to be tightly buttoned-up, one must be compliant with the governing frameworks and mandates. In order to reach both optimal security and compliance, one must thoroughly understand the organization’s risk profile.

This is a complex and evolving territory in the security space – and it extends far past the CISO, up the corporate ladder to the board and even employee base.

Still, Hartenstein advocated a careful delineation between the two. He said that compliance measures and technical, security-driven events are not of similar inception. Compliance measures check off regulatory check boxes. Conversely, security-driven events are applicable to enterprises even without exposure to compliance laws.

“It’s not safe to assume or associate ‘compliance measures’ with what would be adequate technical security to protect either your prized data, or consumer data,” Hartenstein said. “The difference is that regulatory bodies are indeed in place to protect consumer data. Compliance exists as a floor, a minimal standard, a barrier to entry. Technical, security-driven events in an enterprise should be aimed to surpass (not just meet) the bar that regulators set.”

Separating Security And Compliance Goals

The cyber expert warned against approaching security and compliance under the same strategic goal or business objective.

While objectives for the two seem outwardly similar, they are vastly different at the organizational level. “Compliance measures may limit your liability in court or mitigate the threat of litigation, while technical security measures are aimed to actually protect your data or address risks unique to your enterprise.” For strategic planning purposes, the two must be firmly distinguishable.

Source: https://www.cshub.com/data/articles/the-value-of-separating-compliance-and-enterprise-cyber-security-goals