Why Cybersecurity is a Data Problem

Why Cybersecurity is a Data Problem
WHY CYBERSECURITY IS A DATA PROBLEM
© 2021 Bernard Marr, Bernard Marr & Co. All rights reserved WHY CYBERSECURITY IS A DATA PROBLEM The SolarWinds hack, first detected in December 2020 and referred to as “the largest and most sophisticated attack the world has ever seen” by the president of Microsoft, was a watershed moment in cybersecurity. Hundreds of organizations, including Fortune 500 companies and government agencies, were affected, with sensitive data compromised. A year on, a major study conducted by Splunk has found that 78% of companies expect the same thing to happen again. It’s widely acknowledged that the Covid-19 pandemic has exacerbated the problems of information security experts. A major factor is the increased surface area that's open to attacks due to the accelerated rate of digitization that companies are going through. Large workforces working remotely means more connections that must be secured and a greater need for authentication. Both factors mean new vulnerabilities for attackers to probe and potentially exploit.
© 2021 Bernard Marr, Bernard Marr & Co. All rights reserved Data is at the heart of cybersecurity, being both the prize that malicious actors are after, as well as a potent tool for those whose job it is to thwart them. For this reason, security is an essential aspect of any data strategy. This means developing a solid understanding not just of what data your organization has but how it can use data to shore up its defences and prevent itself from becoming one of the growing number of organizations that falls victim to data breaches. According to Simon Davies, Splunk’s Vice President for the APAC region, cybersecurity has evolved from an IT concern to a business-wide priority that has to be tackled at the executive level. This has been driven by three principal factors – complexity, consistency, and cost.
© 2021 Bernard Marr, Bernard Marr & Co. All rights reserved Particularly at enterprise and mid-level businesses, the complexity of IT infrastructure has increased exponentially as more and more functions undergo digitization. At the same time, when employees increasingly need to connect to a growing number of systems remotely – some of which may in the past have been entirely manual, such as logging working time or interacting with HR departments – there's a growing need for consistency of user experience and access. And, of course, this all has cost implications. For many companies, cost is a motivator when it comes to migrating infrastructure to the cloud, but this migration creates a need to maintain visibility and secure points of contact between cloud and on-premises systems, which doesn’t come for free! Davies tells me, "With the onset of the pandemic, we saw a rapid acceleration of digitization across industries… but with that came risk. You have a lot less visibility into your security ecosystem, less control over access points and you’re relying heavily on third parties and external service providers to support you. All these factors create more surface area and more risk for security breaches.”
© 2021 Bernard Marr, Bernard Marr & Co. All rights reserved All of this has led to a growing realization that security needs to be considered in the same way as any data initiative. What data do we need to solve the challenge? How do we collect, store and analyze the data? Finally, how do we put the insights into action and learn from our experience – with the aim of automating the process so we can be sure it’s consistently executed in the most effective and least time-consuming and wasteful manner. Of the 500-plus respondents to Splunk's survey, 84% said their organization had suffered a significant security incident in the past two years, with the largest individual incident type being compromised email security. Data breaches, malware attacks via mobile apps, distributed denial of service (DDoS) attacks, phishing, and ransomware were other incidents that frequently caused issues.
© 2021 Bernard Marr, Bernard Marr & Co. All rights reserved Supply chain vulnerabilities are also seen as a problem; however, just a worryingly low 23% say they have reassessed their policies around third-party vendor management in the fallout of the SolarWinds attacks. Undoubtedly this comes down to workloads, which security professionals have seen grow significantly thanks to the factors already covered here. So how is data critical to cybersecurity? In practice, it fills several functions. Behavioral data – such as the actions and interactions of users on your network – is used to establish levels of "normal" activity, which can then be used to highlight outliers that could be a sign that something odd is going on. If a user is accessing systems or data from an IP that seems to originate in a part of the world where they are not usually operating, it can raise red flags. But as more of us are working remotely and perhaps from different locations than usual, it isn’t always that simple to identify.
© 2021 Bernard Marr, Bernard Marr & Co. All rights reserved Machine learning can be helpful here, as it's able to correlate many different factors and draw up a more accurate picture of which activity is simply unusual and what might constitute a serious threat that requires remedy. And, of course, data is the fuel of machine learning - the more that algorithms know, the more accurate they will be at understanding and classifying behavior. Davies tells me, "If you think about the amount of 'digital exhaust' that gets generated by organizations – every login attempt on a website, every interaction on a mobile app- data is being generated. Being able to digest all these data and understand what is going on becomes critical for threat hunters. That’s where machine learning can really assist.”
© 2021 Bernard Marr, Bernard Marr & Co. All rights reserved When companies look to Splunk to help with their data security issues, it employs a framework it calls the Prescriptive Value Pass. Critically, as well as assessing the hardware and software infrastructure to identify vulnerabilities, it also involves a review of the staffing and training infrastructure, which can be just as important. All of this helps achieve the essential objective of building a comprehensive, 360- degree view of an organization's data, as well as the touchpoints it moves through as it’s copied and pasted across an increasing number of business functions by companies working towards holistic, heterogeneous data strategies.
© 2021 Bernard Marr , Bernard Marr & Co. All rights reserved Bernard Marr is an internationally best-selling author, popular keynote speaker, futurist, and a strategic business & technology advisor to governments and companies. He helps organisations improve their business performance, use data more intelligently, and understand the implications of new technologies such as artificial intelligence, big data, blockchains, and the Internet of Things. LinkedIn has ranked Bernard as one of the world’s top 5 business influencers. He is a frequent contributor to the World Economic Forum and writes a regular column for Forbes. Every day Bernard actively engages his 1.5 million social media followers and shares content that reaches millions of readers.
hello@bernardmarr.com www.bernardmarr.com

Check these out next

Why Cybersecurity is a Data Problem

Recomendados

Más contenido relacionado

Presentaciones para ti(20)

Similar a Why Cybersecurity is a Data Problem(20)

Más de Bernard Marr(20)

Último(20)

Why Cybersecurity is a Data Problem