The modern city wouldn’t exist without skyscrapers. Marvels of technology, they allow for continuous growth and vertical expansion in locations that are hard-pressed for space. From early skyscrapers such as the Flatiron in New York City to Dubai’s Burj Khalifa, towering over 160 floors, we continue to innovate and set our sights ever higher.
So, what do skyscrapers have to do with the state of cybersecurity today? Well, imagine working on the top floor of the Burj Khalifa, but the elevator hasn’t been invented yet, so you have to take the stairs. Essentially, this is the current state of cybersecurity. Internet-based technology has grown so rapidly that the technology to protect it has simply not kept up, leaving us all taking the stairs when it comes to securing our data.
The Current State Of Cybersecurity
Currently, network and data security operate much like that of an office high-rise. The network perimeter is fortified with strong walls, locked doors and maybe even a prox card reader. However, once those fortifications (firewall, antivirus, spam filter, etc.) are breached, the invaders have access to all of the spoils inside. These defenses are no longer adequate as they are all reactive to attacks based on known previous exposure. Today’s cyberattacks aren’t limited to specific and repeated methods. Many use a mix of programmatic and social engineering to wreak havoc.
In the case of email spoofing, hackers are using forged email addresses to trick recipients into interacting with what appears to be a legitimate email from a trusted source, such as a manager or peer. For example, in the case of the Milwaukee Bucks, an employee was tricked into sharing the team’s W-2 forms after receiving what seemed to be a legitimate request for them from the team’s president.
In addition to spoofing, hackers are also finding success with ransomware. This type of attack relies on a recipient clicking on a link within what appears to be a genuine and legitimate email. If the recipient is tricked into clicking on the link, rogue software is downloaded that encrypts all the files on the computer it is installed on, often propagating through other computers and servers if it is installed on a network. At that point, the sender will demand payment in order for the recipient to gain access to the keys.
A number of organizations are finding out the hard way that the current method of protecting data is useless at keeping out today’s increasingly sophisticated and determined hackers. In addition, there is nothing in place to address data breaches occurring inside company walls, either due to human error or malicious employee activity.
If organizations are having this much trouble securing data within their walls, what does that mean for the data that leaves those walls? Well, no one has ever expected that it could be protected. Once the treasures have left the building’s fortifications, organizations have come to accept that their data is simply at the mercy of anyone it comes in contact with.
But, it really doesn’t have to be that way, at least not anymore.
Riding The Elevator Vs. Taking The Stairs
Taking the stairs when it comes to protecting data is proving woefully inadequate. The current state of cybersecurity has left us with a technological void that is being all too easily exploited. What’s required is innovation. Much like the elevator made upward expansion possible, a new and revolutionary means of securing data is what’s needed as the internet continues its own unbridled expansion.
So, what’s required for true cybersecurity?
First, organizations must move away from the perimeter defense model and begin securing the data itself. Instead of building stronger walls and better locks, each piece of data must be seen as separate and valuable, and then encrypted and protected accordingly. By securing data at the data level, organizations benefit from pervasive and persistent data security wherever that data travels, even across domain boundaries.
In addition, zero-knowledge privacy is critical. This means that only the user ever has access to the encryption keys. Unless the user is the only one holding the keys to their data, encryption is meaningless. Currently, many security providers store a user’s encryption keys, giving the security provider access to a user’s data.
Perfect forward secrecy is also essential. Every secured data resource must be given its own unique encryption key, from files to email. This method ensures that if one key is compromised, then only that single resource that was encrypted with that key will be compromised. If a hacker ever breaks into a file, perfect forward secrecy is what will prevent a domino effect from taking place.
In the case of email spoofing attacks, a secure email system must be established that can scan every email to confirm a digital signature, providing the recipient with a warning if the sender and e-mail address are mismatched. This alert would inform the recipient that the email is suspicious and should be treated accordingly.
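The sender check described above, sketched as an added example that is not code from the article or from any product it alludes to. The directory of known senders, the trusted server name `mx.corp.example` and the sample messages are all constructed; the signature verdict is read from the standard Authentication-Results header that a receiving mail server stamps after verifying DKIM.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.corp.example"   # constructed: our own receiving mail server
DIRECTORY = {"pat example": "pat.example@corp.example"}  # constructed name -> address

def dkim_pass_domains(msg):
    """Signing domains with dkim=pass, read only from headers our server stamped."""
    domains = set()
    for header in msg.get_all("Authentication-Results", []):
        authserv_id, _, results = header.partition(";")
        if authserv_id.strip().lower() != TRUSTED_AUTHSERV:
            continue  # the sender can insert this header too; ignore foreign ones
        for m in re.finditer(r"dkim=pass\b[^;]*?header\.d=([\w.-]+)", results, re.I):
            domains.add(m.group(1).lower())
    return domains

def sender_warnings(raw_message):
    """Return the warnings to show the recipient; an empty list means no mismatch."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    name, addr = " ".join(name.lower().split()), addr.lower()
    domain = addr.rpartition("@")[2]
    warnings = []
    expected = DIRECTORY.get(name)
    if expected and expected != addr:
        warnings.append("display name does not match known address")
    if domain not in dkim_pass_domains(msg):
        warnings.append("no verified signature for sender domain")
    reply_to = parseaddr(msg.get("Reply-To", ""))[1].lower()
    if reply_to and reply_to.rpartition("@")[2] != domain:
        warnings.append("replies go to a different domain")
    return warnings

# Constructed sample messages (not real mail).
GENUINE = ("Authentication-Results: mx.corp.example; dkim=pass header.d=corp.example\n"
           "From: Pat Example <pat.example@corp.example>\nSubject: Q3 budget\n\nHi\n")
LOOKALIKE = ("Authentication-Results: mx.corp.example; dkim=pass header.d=mail.example\n"
             "From: Pat Example <pat.example@mail.example>\n"
             "Reply-To: pat.example@mail.example\nSubject: W-2 forms\n\nPlease send.\n")
FORGED_RESULT = ("Authentication-Results: mx.other.example; dkim=pass header.d=corp.example\n"
                 "From: Pat Example <pat.example@corp.example>\nSubject: Urgent\n\nHi\n")

if __name__ == "__main__":
    for label, raw in [("genuine", GENUINE), ("lookalike", LOOKALIKE),
                       ("forged result", FORGED_RESULT)]:
        print(label, sender_warnings(raw))
```

The lookalike message carries a valid signature for its own domain, so only the name-to-address comparison catches it; a signature check alone would not.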
As for ransomware, in order to prevent it, all application traffic must be monitored. This ensures that the only encryption activity occurring is legitimate encryption activity on the part of the security provider and not encryption activity that is part of a ransomware attack. If rogue encryption activity is detected, the offending application’s access to data on the network would be quickly cut off. This would limit the damage to a few files, which could then be replaced via backups.
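One way to detect the rogue encryption activity described above, as an added example rather than the article's or any vendor's implementation. It assumes a write hook that sees each process's file writes, uses byte entropy as the signal for encrypted output, and treats the thresholds, the allowlisted process name `vault-agent` and the payloads as constructed values.

```python
import hashlib
import math
from collections import Counter, defaultdict, deque

ENTROPY_BITS = 7.5              # assumed threshold; ciphertext is close to 8 bits/byte
MAX_FILES, WINDOW_S = 3, 10.0   # assumed policy: 3 distinct files within 10 seconds
ALLOWED = {"vault-agent"}       # hypothetical name for the provider's encryption client

def entropy(data):
    """Shannon entropy of a byte string, in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

class EncryptionMonitor:
    def __init__(self):
        self.recent = defaultdict(deque)   # process -> (time, path) of high-entropy writes
        self.blocked = set()

    def on_write(self, ts, process, path, data):
        """Return True to allow the write, False once the process is cut off."""
        if process in self.blocked:
            return False
        if process in ALLOWED or entropy(data) < ENTROPY_BITS:
            return True
        q = self.recent[process]
        q.append((ts, path))
        while ts - q[0][0] > WINDOW_S:     # drop writes that fell out of the window
            q.popleft()
        # One compressed or encrypted file is normal; many in a burst is not.
        if len({p for _, p in q}) >= MAX_FILES:
            self.blocked.add(process)
            return False
        return True

def replay(process, payload, count, step_s):
    """Feed `count` writes to distinct files, `step_s` apart; return how many got through."""
    mon = EncryptionMonitor()
    return sum(mon.on_write(i * step_s, process, f"/share/doc{i}.docx", payload)
               for i in range(count))

# Constructed payloads: ordinary text, and hash output standing in for ciphertext.
TEXT = b"Quarterly report draft, revision 4. " * 100
RANDOM_LIKE = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
```

With these settings an unknown process that rewrites ten files in a burst is cut off after two, which is the "few files" that would then be restored from backup.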
Finally, after all of an organization’s files are secure and encrypted, the issue of negligent or rogue employees with legitimate access to data must be addressed. How can a corporate network with billions of files possibly monitor that much data? That’s where User Behavior Analytics steps in. It monitors user behavior patterns by algorithmic methodologies and is more commonly known as Artificial Intelligence.
Organizations that are truly looking to secure their data must look beyond today’s dated and ineffective methods or risk being left on the ground floor. For true cybersecurity that is up to the task of combating today’s complex security issues, organizations must combine data encryption with zero-knowledge privacy, perfect forward secrecy, ransomware/spoofing protection and user behavior analytics.