5 security strategies that can cripple an organization
According to Verizon’s recent Data Breach Investigations Report, 2018 has already seen 53,000 cybersecurity incidents and over 2,215 confirmed breaches—and we’re just halfway through the year.
In this environment, it’s no surprise that data breaches are an acknowledged reality and companies are investing heavily in technology and resources to combat the ever-growing threat. However, in their urgency to address security vulnerabilities, many organizations are making critical mistakes—the results of which can mirror data breaches in their lasting, negative impact on the business.
The following is a list of the five most significant ways in which misaligned security strategies can inadvertently hurt the business:
To say that security teams are overwhelmed is an understatement. There are numerous factors contributing to the problem—a shortage of skilled workers, the vast attack surface associated with today’s hybrid cloud environment, and the reliance on manual analysis mentioned above, just to name a few.
Security vendors are clamoring to address these issues, but in doing so, are also becoming part of the problem. Countless point solutions exist for every element of security, and this fragmented environment is fast becoming unmanageable.
Organizations need integrated options that address numerous facets of security, such as web application security, content management, load balancing, DDoS, and bot mitigation. Integration reduces both the number of tools to navigate and manage and the burden associated with training staff.
Siloed Information and Lack of Visibility
Security teams today have a two-faceted information problem: siloed data and a lack of knowledge. The first issue stems from the fact that many companies are only protecting a small percentage of their applications and, therefore, have a siloed view of the attacks coming their way.
Most organizations prioritize sensitive, highly critical applications at the cost of lower tier apps, but hackers are increasingly targeting the latter and exploiting them for reconnaissance and often much more. It’s amazing how exposed many companies are via relatively innocuous tier 2 and legacy applications.
The second, and more significant, issue can be summarized simply as “you don’t know what you don’t know.” IT has visibility into straightforward metrics, but it often lacks insight into the sophistication of attempted breaches, how its risk compares to peers and the broader marketplace, and other trends and key details about incoming attack traffic.
With visibility to only a small percentage of the attack surface, it’s very difficult to know whether the company is being targeted and exploited. Given the resource challenges noted above, it’s unrealistic to attempt to solve this problem with manpower alone. Organizations must implement technology innovations that provide visibility across multiple touch-points and allow them to benchmark the performance of their security posture against the market.
Stringent Security Policies
Traditional technology that is cumbersome to implement and roll out is incompatible with the needs and expectations of today’s “always on” environment. To be successful, organizations must implement security policies and solutions that are easy to adopt and have minimal impact on the user experience.
Anything that is overly complex will meet resistance from the business, see low adoption, and potentially encourage users to investigate a workaround, which introduces new vulnerabilities into the organization.
Compliance vs. Risk Focus
Too many companies make procurement decisions to address compliance needs without fully understanding how those solutions will address the real threats to their organizations. They know they need a solution, but they let HIPAA, PCI or another requirement drive the selection process.
It’s common for companies to invest in multiple solutions from which they may never extract the full value. Checking the compliance box is not enough; companies need the right solution, and they must ensure it is utilized to its full potential to protect against the barrage of attacks.
With cybersecurity poised to remain a chief area of investment for the foreseeable future, it’s essential that companies navigate the issues outlined above. As part of this, organizations must get a holistic view of their entire security strategy, assess its sophistication and ensure they are not putting the business at risk in their quest to combat hackers.
Nothing kills a security mandate faster than blocking legitimate traffic. In today’s competitive environment, companies simply cannot afford to prevent legitimate users from accessing their site. As a result, organizations are investing in firewall solutions but are not realizing the full potential—only deploying them to certain “mission critical” applications, for example, or de-tuning the blocking capabilities for fear of negatively impacting the business.
Companies must run at sub-optimized security levels or invest heavily in manual analysis to determine actual risk levels. Ultimately, security teams are relegated to tuning static rules and custom signatures to combat complex attack scenarios without impacting legitimate users.
But it goes without saying that overall, this is a recipe for a security disaster. While organizations’ fear of false positives is understandable, failing to deploy active blocking capabilities across all applications is not the answer.
Rather than leaving the backdoor open to hackers in this manner, companies must invest in solutions that cover all of their apps and can block with confidence. Emerging technologies drawing on behavioral analytics can help organizations increase their trust in technology without the administrative overhead usually associated with firewall tuning. These technologies can also ensure that malicious activity is visible and thwarted without producing any adverse effects on legitimate customer traffic.