The digital landscape is beset with challenges that threaten businesses and individual users alike. Even so, most organizations aren't prepared to face them. For example, 70 percent of IT professionals told Tripwire at Black Hat USA 2016 they lack confidence in their organization's ability to address security risks associated with the Internet of Things (IoT). Furthermore, only 34 percent of attendees said they thought their companies could recover from a ransomware infection without losing critical data. These findings beg the question: what's driving this lack of digital security preparedness among organizations? Part of the problem rests with many organizations' failure to diversify and evolve their security measures. Indeed, CIO/Computerworld found in a fall 2016 report (PDF) that more than half of companies haven't replaced their information security management model in over three years. It's, therefore, no wonder that only 17 percent of respondents gave their security systems an "A" rating.
Stasis is dangerous in an age of rapidly evolving digital threats. Organizations need to seize upon innovation. Otherwise, they'll leave themselves wide open to computer criminals. AT&T recognizes this fact, which is why it's published The CEO's Guide to Data Security. In its report, the telecommunications corporation identifies four "innovation enablers" businesses can use to strengthen their digital security strategies. These are identity and access management, threat analytics, virtualization, and incident response.
1. Identity and Access Management
With data dispersed across multiple devices, it's up to companies to figure out what data can leave the data center and who's allowed to view/download that information. Identity and access management (IAM) systems can help organizations in this regard. IAM tools restrict data access based on several variables including an employee's job title, department, location, the time of day they seek access, and the network they’re using. In addition, most solutions apply these rules to devices and level controls based on a workstation's software updates and configuration settings.
2. Threat Analytics
Applications help streamline business processes. But not every app is safe. For instance, employees often download apps from locations that don't vet their offerings for malware. Those apps could be file-sharing services that directly interact with sensitive corporate data. To mitigate risk, organizations should thoroughly investigate an application before they adopt it. In general, companies should stay away from developers that don't practice security by design. They can then whitelist security-conscious developers and monitor all the apps their choose to integrate using threat analytics, systems which look for known or potentially malicious behavior, data patterns, and communication activities. These solutions can flag anything suspicious on the application layer. Security analysts can then review those alerts further and determine whether their company should dispense with an offending app.
Employees on the move are susceptible to connecting to rogue Wi-Fi networks. Attackers oftentimes use these hotspots to conduct network attacks, operations which can compromise an employee's device and expose corporate information. To protect against these attacks, organizations should invest in virtualization solutions and use them to disperse up-to-date security functionality across all hardware including onsite and on the public and private clouds. For instance, organizations could use virtual innovative solutions to set up a VPN that employees must use to access corporate data that's located on segmented networks. Doing so would help employees securely access corporate data wherever they are.
4. Incident Response
Notwithstanding all the protective measures they deploy, organizations will no doubt experience a security incident at some point. They need to prepare for that inevitability by investing in an incident response (IR) and forensics solution that can help security analysts detect and respond to threats. They should also assemble a cross-functional IR team as well as build an IR policy that they continually test across the organizations.
A Comprehensive View
Identity and access management, threat analytics, virtualization, and incident response can strengthen an organizations' digital security strategies. Companies just need to determine how these types of solutions fit into their data ecosystems. For more insight on that subject, please read AT&T's report in full here.