The two megatrends of cloud-based applications and mobile devices have been a boon for company productivity, agility, and innovation.
The mobile-cloud combo empowers employees to work and be productive literally anywhere. However, the mobile-cloud era has created a conundrum for cybersecurity teams.
Christo van Staden, Forcepoint regional manager: sub-Saharan Africa, says if one looks at how cybersecurity has traditionally been approached up to this point, it’s centred on threat-centric responses.
“You built a wall around your perimeter, controlled access in and out of that wall, and when something bad happened, you responded. That was effectively your defence, and it was relatively easy to implement,” he explains.
Today, the traditional perimeter has dissolved, primarily because of two changes within the enterprise – the rise of the mobile employee and the wide scale adoption of cloud services. By the same token, cyber activity once easy to define as “good” or “bad” has become nebulous.
This poses a crushing problem to threat-centric security, whose static policies are forced to make decisions about cyber activity with no insight into its broader context. The result is a disproportionate number of flagged activities, overwhelming security teams who have no way to understand the ones most worthy of investigation.
He says today’s data protection options are limiting. “IT security protects data in different ways, using a variety of different tools. These tools are designed to do the same thing – protect data – but none are really that effective.”
“That’s because they use static, threat-centric policies to block or allow access to data. That was acceptable when everyone worked within a perimeter. There are issues with siloed tools as well. An effective solution should cut through the noise of alerts and highlight early warning signals to prevent the loss of important data,” he adds.
However, there is a new paradigm. Instead of trying to extend the traditional, event-centric approach by adding more layers or crunching more data, one needs a paradigm shift that places human behaviour at the centre of cybersecurity.
Cybersecurity professionals need to focus on two constants – people and data – and where the two come together to conduct business.
“It’s much easier to classify an action once you understand why someone took the action. This is at the core of increasing the efficacy of security organisations. Prepare for the next level in user and data security with the integration of the market’s most powerful endpoint and user behavioural analytics,” he concludes.