Evaluating Risk Leads To Proactive Security Practices



Dan Gunderman
01/03/2018

As the breach rate continues to climb, and with it the intensity of each incident, insiders are cautioning public sector practitioners against lax security measures – especially where personally identifiable information (PII) is concerned.

Bad actors have infiltrated networks to steal sensitive data – including cyber security capabilities and insider information. The number of breaches climbs each year, and with it, so should enterprise security protocols.

In Cisco’s 2017 Annual Cyber Security Report, 54% of public sector organizations indicated that they utilize project-based approaches for security. According to Cisco’s V.P. of U.S. Public Sector Services Diane Gongaware, who penned a related piece for Fed Tech Magazine, that timeworn strategy is only “reactionary.” More proactive approaches equate to better detection and response time.

The same holds true for private sector enterprises that have embarked on the road to buttoned-up cyber security.

With that in mind, Gongaware points out that the first step in addressing and/or assessing an agency’s cyber security posture is to understand the type of information hackers desire. Oftentimes, that sought-after information includes classified documents or corporate data.

Gongaware writes that agencies must think like hackers to understand the value of protected data. These actors could be seeking financial or geopolitical gain. Lifted information could be Social Security numbers, student loan information, health records, etc.

Once the agency’s security professionals determine which data sets live within the network, their next goal becomes grasping how that information is used. Is it shared? Where is it stored (internally, or with a cloud service)? Gongaware says these answers craft a “baseline of normality” that allows the enterprise to pinpoint abnormal behavior and/or augment its security technology.

Outside of this crucial risk assessment process, the Cisco V.P. of U.S. Public Sector Services writes that agencies should also: minimize “shadow IT,” monitor access controls, insert more visibility and intelligence into a security suite by drawing on automation and smart tools, and segment traffic and devices.

Many of these tips cut to the heart of cyber security – and its oft-mentioned set of challenges. For one, “shadow IT” should be avoided through visibility, communication and the establishment of best practices. This eliminates the “silos” security professionals tend to fall into.

Other tips, while fundamental, hold true for public and private sector enterprises. To strive for this full visibility, CISOs must be kept abreast of news and relevant advances in the cyber space.

What’s more, there is a regulatory climate that these same security professionals need to monitor. Agencies of all sizes could be held to standards in the Health Insurance Portability and Accountability Act (HIPAA), those of the National Institute of Standards and Technology (NIST), or cloud regulations in the General Services Administration’s Federal Risk and Authorization Management Program.

Altogether, security practitioners must be cognizant of movement in the industry and aim for a highly efficient and visible security platform. Said platform should be accessible and communicated up the corporate ladder.

Gongaware writes that the best way to construct this optimal defense is “through an architectural approach that breaks down functional silos and engages the CISO to create a unified and policy-based security architecture across the agency.”

So, the main threads of this discussion are: knowing what information rests where, understanding how that information is accessed and utilized, and then developing a strategic defense for it, one capable of swiftly mitigating threats.

Beneath it all lies open communication across departments, beyond the “silos” and amongst the C-suite.

For CISOs in SMBs and large enterprises, public or private, these are fundamental points sure to streamline the network security process.

Beyond the technical aspects lies physical attendance – something stunted by the emerging talent crisis. But with a tight-knit and well-informed security team, an enterprise could be readily protecting its perimeter.
