The modern cybersecurity landscape is fraught with complexities which enterprises must consider and address, such as the constant advancement of technology, savvier employees and the global shortage of cybersecurity talent. Big data, cloud applications and the Internet of Things have emerged with the promise to revolutionize businesses, and the reliance on wireless connectivity has opened the door for real-time processes.
While exciting, this new dynamic is accompanied by potentially catastrophic security implications and presents enterprise organizations with the significant challenge of balancing security with user privacy.
It’s been widely reported that employees at companies large and small are the common denominator in most security incidents that result in data breaches, whether these people have malicious intent or are simply negligent. However, attempts at “lock and block” environments – built on the perception that users inside a network are no more trustworthy than users outside a network – have shown to be ineffective as they impede user productivity, incite user frustration and stifle innovation.
These methods do not work in an ecosystem where remote employees are beginning to outnumber on-site employees, and causes frustration and decreased morale. In order to understand how to address the problem, we first must look at the current security landscape and the top causes of data breaches that enterprises can expect to face in 2017.
Employees’ Heads are in the Cloud – and so is Your Data
It’s human nature to look for the easiest, most efficient way to complete any personal or business-related task. However, what is easiest doesn’t always mean the most secure. In fact, it usually means the opposite.
In the past, employees worked in corporate offices on machines tied directly to the company network at all times – establishing a defined perimeter for security teams to protect. Today’s corporate ecosystem is dynamic, with employees, freelancers and contractors working remotely on a regular basis and using a variety of self-selected tools, devices and online services to increase efficiency and productivity.
This rising trend of BYOD and a remote workforce, combined with the introduction of cloud applications such as Dropbox and Google Drive, have simplified the process for employees to share information. Despite corporate policies to the contrary, employees continue to share files via unsecured or unencrypted means, opening an organization’s network up to potential cybersecurity threats.
In 2016, Dtex found that in 64 percent of customers assessed for its Insider Threat Behavior Index, had important and sensitive corporate and employee data - copies of passports, government-issued IDs and social security cards - on the Internet which can be accessed by anyone who has the respective URLs. Without visibility into information-sharing on unsanctioned cloud apps, organizations are unable to protect data, sensitive IP and employees from potential threats.
A Matter of Modern Convenience
The penchant of the modern employee for convenience extends well beyond the cloud. Many employees look to evade their organization’s security protocols by using proxy bypass tools or VPNs. More often than not, employees are simply looking for a way to do their jobs more effectively and efficiently, with no malicious intent in mind.
Protocols that inhibit an employee’s workflow, despite security advantages, tend to cause frustration. This leads to employees using their company machines to ask Google questions like, "How do I bypass my network proxy?" as well as how to install VPNs, access blocked sites and run password-override tools. Employees today are savvy and the modern enterprise needs to protect themselves against the true inevitability in cybersecurity – that users will find a way around restrictive security measures.
What Now? How to Protect Your Business and Employees in the BYOD Era
Ninety percent of breaches are caused directly or indirectly by employees, 60 percent of which are insiders. It is now more important that organizations focus on protecting employees from susceptibility to attacks on and off the company network. There are several steps organizations can take immediately to defend their organizations against cyber-threats:
- Think outside the legacy box. Legacy technologies are the bedrock of enterprise security strategy but they no longer provide the agility to protect the modern enterprise. For example, DLP is too easy to bypass or misconfigure to be a sole solution against data theft, and network logs alone aren’t enough to rely on for visibility due to their sheer volume. Instead, organizations must focus on a multi-faceted approach that combines multiple solutions that provides visibility with actionable insights.
- Close the skills gap. Cybersecurity professionals spend their lives learning and training. Providing employee training is essential to keeping up with new attack methods. It allows industry veterans to stay nimble and versatile, and provides the next generation with a solid foundation. Without extensive and consistent training on new skills, the “skills gap” in cybersecurity will never be closed, leaving the enterprise vulnerable to continued attacks.
- Focus on the point closest to the user itself: the endpoint. The most effective way to find and stop insider threats is by increasing visibility into user activity at the endpoint and applying adaptive analytics. By doing this, companies can detect not only malicious activity but also negligent users that are unknowingly putting the company at risk.