What are the four objectives of planning for security cyber security
The pandemic has put Chief Information Security Officers (CISOs) at the forefront of the battle for enterprise continuity. Business continuity plans built around very different attitudes toward remote work are being put to the test. What began as a reaction to events has become the object of long-term planning. And with attackers increasingly exploiting attack vectors that the pandemic has widened, information security issues are taking center stage for businesses.
“Information security directors face a number of challenges. Some they are already familiar with, some are new,” said Wendy Nather, who leads Cisco’s information security advisory group. “This year, remote working has taken center stage. It poses a serious challenge in terms of visibility into what is going on in the IT environment.” Wolf Goerlich, Cisco information security advisor, agrees with her: “It’s about visibility of applications and devices. There are enterprises with more than 1,000 applications, but security sometimes only sees 10% of them. The same goes for devices: some employees use 5-10 devices, but security doesn’t see any of them.” Richard Archdeacon, Cisco EMEA information security advisor, said: “Increasingly, CIOs are also concerned about staffing and how to attract and retain talent.”
During the roundtable discussion, the experts suggested information security directors should pay attention to four trends.
Time to get rid of passwords
The password is both the cornerstone and the Achilles heel of information security. Users are forced to memorize, change and keep secret on average 191 passwords each. Passwords are easy to compromise: according to the Verizon Data Breach Investigations Report, 81% of hacking-related breaches involved stolen or weak credentials. On top of that, passwords carry hidden costs. Organizations spend millions of dollars and many man-hours every year on routine password changes and resets, so it is not only breaches that cost them money. Now platforms, industry groups and service providers are coming together to lay the groundwork for a password-free future. Biometric authentication is slowly appearing everywhere, and consumers and businesses alike are increasingly using it. Companies are beginning to ask what will happen to user and data security in a world without passwords.
“It’s not easy to forget passwords after 60-plus years of using them. We have a unique opportunity to rethink authentication principles and create systems that will be as easy to use as they are hard to crack,” says Goerlich. “The password-free future may come in a year or two,” adds Nather. “In the meantime, users’ lives are already made easier by Single Sign-On solutions.”
Collaboration, not control
In many organizations, the traditional approach to security is to write instructions and enforce policies. In the past few months, however, a major cultural shift has been observable. A new model of cooperation between information security professionals and their business colleagues is emerging. Workers are becoming more independent and the pace of work is accelerating, so security tools need to be as simple to use as possible. “When building information security systems, we should focus more on collaboration than on control,” says Nather.
On the one hand, controlling users costs organizations money; on the other, users are increasingly taking control into their own hands. CISOs face the questions of what needs to be controlled and what can be handed over to users, what should be enforced and what should not.
“In addition,” Goerlich continues, “control implies hidden costs. The more we restrict users, the more resourceful they become. The consequences can be unpredictable.”
The spread of secure telecommuting
Remote work is nothing new. But the rate at which it is spreading has jumped sharply, even in the most conservative organizations.
During the pandemic, Cisco Duo Security, the division responsible for multi-factor authentication and secure access, recorded a jump in the number of user authentications from 600 million to 800 million. Most of this growth is related to remote working, and no downward trend is in sight.
“The actions of information security directors during the lockdown should be noted,” Archdeacon says. “They are laying the right foundations by implementing basic controls such as multifactor authentication and DNS- and VPN-level protection. As new working arrangements emerge, they are drawing conclusions and shaping a forward-looking strategy to protect their organizations. In doing so, there is a growing need for collaboration to strengthen the role of users at the forefront of protection.”
Artificial Intelligence, Machine Learning and Zero Trust
Traditionally, the degree of trust has been determined solely by network location: the address a request comes from. The zero-trust approach is more dynamic and adaptive. Trust is established for every request regardless of where it originates; networks and applications are protected individually, and only verified users, devices and applications get access.
Multifactor authentication, encryption, and the labeling of known and trusted devices make it harder for attackers to obtain what they need at each stage: valid credentials, network access, and the ability to move laterally.
User and Entity Behaviour Analytics (UEBA) systems are an example of how zero-trust security is enhanced with artificial intelligence (AI) and machine learning (ML). Instead of the generalized, network-wide view used today, the specific actions of each user and device are analyzed against what is normal for them.
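To make the per-request decision concrete, here is an added example (written for this page, not Cisco or Duo code) that combines the three ingredients the section names: MFA state, a device-trust inventory, and a small UEBA-style anomaly score computed from a user's earlier successful logins. The user names, device IDs, login history and scoring thresholds are all constructed for illustration; network location is deliberately not an input to the decision.

```python
"""Added example: a zero-trust access decision per request.

Every request is evaluated on identity (was MFA completed?), device trust
(is the device a labelled, managed one?) and behaviour (does this request look
like this user's normal pattern?). Source IP is not consulted at all.
All names, devices, history and thresholds below are constructed sample data.
"""
from collections import Counter
from dataclasses import dataclass


@dataclass
class Request:
    user: str
    device_id: str
    src_country: str   # country derived from the source of the request
    hour: int          # UTC hour at which the request arrived
    mfa_verified: bool
    app: str


# Constructed device inventory: only labelled, managed devices are trusted.
TRUSTED_DEVICES = {
    "alice": {"laptop-a1"},
    "bob": {"laptop-b1", "phone-b2"},
}

# Constructed history of prior successful logins: (user, country, hour, device).
HISTORY = [
    ("alice", "DE", 9, "laptop-a1"), ("alice", "DE", 10, "laptop-a1"),
    ("alice", "DE", 8, "laptop-a1"), ("alice", "DE", 11, "laptop-a1"),
    ("bob", "US", 14, "laptop-b1"), ("bob", "US", 15, "phone-b2"),
    ("bob", "US", 16, "laptop-b1"),
]


def baseline(user):
    """Per-user baseline: the countries, hours and devices the user normally uses."""
    countries, hours, devices = Counter(), Counter(), Counter()
    for u, country, hour, device in HISTORY:
        if u == user:
            countries[country] += 1
            hours[hour] += 1
            devices[device] += 1
    return countries, hours, devices


def anomaly_score(req):
    """UEBA-style score: each attribute never seen for this user adds risk.

    Returns (score, reasons). A user with no history at all is treated as
    high risk rather than as "nothing unusual".
    """
    countries, hours, devices = baseline(req.user)
    if not countries:
        return 3, ["no history for user"]
    score, reasons = 0, []
    if req.src_country not in countries:
        score += 2
        reasons.append(f"new country {req.src_country}")
    # "Unusual hour": more than three hours away from every hour in the baseline.
    if all(abs(req.hour - h) > 3 for h in hours):
        score += 1
        reasons.append(f"unusual hour {req.hour}")
    if req.device_id not in devices:
        score += 1
        reasons.append(f"unseen device {req.device_id}")
    return score, reasons


def decide(req):
    """Zero-trust decision for one request: 'allow', 'step-up' or 'deny'."""
    if not req.mfa_verified:
        return "deny", ["MFA not completed"]
    score, reasons = anomaly_score(req)
    if req.device_id not in TRUSTED_DEVICES.get(req.user, set()):
        score += 2
        reasons.append("device not in trusted inventory")
    if score >= 3:
        return "deny", reasons
    if score >= 1:
        return "step-up", reasons   # e.g. re-prompt MFA or require a managed device
    return "allow", reasons


if __name__ == "__main__":
    samples = [
        Request("alice", "laptop-a1", "DE", 9, True, "crm"),     # normal -> allow
        Request("alice", "laptop-a1", "DE", 9, False, "crm"),    # no MFA -> deny
        Request("alice", "laptop-a1", "BR", 3, True, "crm"),     # new country + odd hour -> deny
        Request("bob", "laptop-b1", "CA", 14, True, "wiki"),     # new country only -> step-up
        Request("bob", "tablet-b3", "US", 14, True, "wiki"),     # unknown device -> deny
    ]
    for r in samples:
        verdict, why = decide(r)
        print(f"{r.user:6} {r.device_id:10} {r.src_country} {r.hour:02d}h -> {verdict:8} {why}")
```

The thresholds are arbitrary; what matters is the shape of the decision: a valid credential plus MFA is necessary but not sufficient, an unmanaged device or an out-of-pattern request can still force step-up or denial, and the source network never grants trust on its own.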
“The use of AI and ML is a form of automation to help humans. Automation works well when there is certainty, accuracy and accountability. Cisco products take all three of these factors into account. You need to be sure of why automation is necessary and what it achieves. You need to know exactly how the automation works so that it does not have an unpredictable impact on other systems. Finally, you have to take responsibility and be prepared for the automation system to work for a long time without any modifications,” Nather concluded.