Confound the crooks

26 November 2019

Paul Mercina, head of innovation at Park Place Technologies

Data security is a pressing issue. More than 1,900 known data breaches occurred worldwide in the first three months of 2019.

The UK ranked third highest with 17 breaches in Q1, and our country’s costs for such failures are up 41 per cent over the past two years.

Add in the threat of fines under the General Data Protection Regulation, and private and public sector organisations are rapidly adopting a heightened security posture.

The cybersecurity challenge has many IT organisations hoping for inoculation via the latest solutions. But before investing in cutting-edge security products, make sure the fundamentals are in place.

Although it may seem elementary, problems arise when basic measures are overlooked.

The WannaCry ransomware attacks, for example, exploited a known vulnerability; a patch would have prevented harm. 

Thus, many security best practices are the same as always.

Patches must be pushed out enterprise-wide.

Perimeter security remains essential, and newer firewalls and other solutions provide improved protection.

Access controls need to be fastidiously maintained.

Data encryption imposes far fewer operational challenges than in the past, so you should seek to encrypt all data in transit and at rest.

Proper key management is also necessary.

Storing keys on the same server as the data is asking for trouble, but many IT facilities still do so.

In the bring-your-own-device era, it’s necessary to segment Wi-Fi and aggressively wall off sensitive data with micro-segmentation.

Information rights management applications can also be a great addition to protect files that leave the corporate sandbox. 

From an organisational standpoint, integrating security more seamlessly with application development, such as through DevSecOps, is advisable.

Also consider bringing security into the network operations centre (NOC), thereby creating an integrated operations centre (IOC) for more coordinated and rapid-fire breach response.

Be sure to arm these experts with high-performance security information and event management (SIEM) systems and other post-breach response solutions. 

Once the foundations are in place, your next step is to follow security advances and incorporate the right innovations.

Deep learning systems are becoming increasingly capable of identifying potentially malicious activity and rooting out advanced persistent threats (APTs).

Artificial intelligence will soon supply more robust security automation and, further down the road, homomorphic encryption will allow the use of encrypted data without decryption.

It’s worth the time and investment to research options for upgrading data security.

But as exciting as the cybersecurity field may be, basic principles still hold.

Get your fundamental security processes and tools in order to outwit predictable threats and then branch out to defeat the most cunning attacks.

By Paul Mercina, head of innovation, Park Place Technologies