Finding the imposters among us
The cybersecurity industry’s approach to protecting our data simply is not working anymore. It was built for the past. It was about outside threats, hackers finding their way inside, building bigger and more audacious security walls to befuddle the bad guys and protect us from threats. This is according to Forcepoint CEO Matt Moynahan.
Such an approach was created for a different time, a different, more tightly held IT environment, and a different threat landscape. As available data grows exponentially, a cultural shift needs to take place within our society so we can learn how to process it appropriately and act on it when necessary. Think of it this way – humans and digital technologies have become so intermeshed they literally are becoming one.
For years, Google, Amazon and Facebook have used predictive analytics, multiple data sources and cloud-based computing to target buyers, identify their tendencies and tailor marketing of products and services uniquely to a specific person. The cybersecurity industry can take lessons from the consumer market: we need security to be tailored to the individual user to understand when things are not normal.
This also calls for a shift in our attitude toward security. How many people feel good about the word “surveillance”? What about “monitoring” or “protection?” We don’t want to feel as though Big Brother is always watching, we want to feel good about being protected.
For this reason, we should not be so naive as to think that we do not need technologies to secure us. Big Brother should be watching over our activity – so long as this information is being used to protect us.
We do this by refocusing the cybersecurity lens to people rather than threats. We need to look at people who have access to critical and sensitive data and ask, should they? And, how they are using this information? In developing a cyber fingerprint based on a person’s online habits and routine behaviours companies can determine in a matter of seconds who is the imposter and who is the real employee.
Let’s try something new – something that makes more sense for today. We live in a time when people, their technologies and their data are intertwined and we constantly share information and devices. How can companies protect people’s data in this connected world? There are two issues that must be well understood: who has access to the data and how the data flows.
Regardless of whether it’s an authorised person, a hacker using stolen credentials or a piece of malware behaving like an individual – these all drive user and machine-to-machine interactions with massive amounts of critical data.
By shifting our focus to individuals and how they interact with this data, we can understand the true identity and intent of users on a network. We can act as cyber bodyguards to spot unusual behaviour and activities quicker. By understanding all this, we can stop the bad thing before it happens.