Knowing How Your Data Behaves Is The Key To Cybersecurity

Data is everywhere. Whether on your phone, an MRI scanner in a hospital or being generated by IoT sensors. It is essential in our hyper-connected world because it generates the foundation of a revolution which is allowing us to achieve more than ever before. However, securing that data has never been more critical, or more difficult. 

That is because potential vulnerabilities in networks carrying data are emerging at almost the same pace as the growth in the data that traverses them. There are also the added complexities of understanding where data is, what state it is in and how these affect the strategies being implemented to secure it. This has already made traditional approaches to cybersecurity largely redundant. 

Defending against Evolving Threats
Securing digital assets, by providing a secure path for data to traverse networks, clouds, devices and arrive in the hands of users where it is needed, is now fundamental. 

The lone “cyber crook” in a basement is replaced by countries waging digital warfare, organised crime syndicates coordinate huge operations to harvest and exploit information, and hacktivists target anyone they deem to be immoral or unethical. Their aims may be different, but they all have one thing in common, they do not care where you keep your data. They only care how they can access and exploit it. 

Why? Because even with data everywhere, trying to get at the really important stuff can be too much like hard work for the average cyber-criminal. Why even sweat the difficult stuff at all when an innocent mobile phone connected via an obscure workaround, into a corporate network, or a smart heating hub, or a turbine, is a much easier backdoor? 

Where does that leave security? 
Suddenly you aren’t only having to worry about securing traditional repositories such as data centers in the way you might have done 15 years ago. Now you have to think about everything that generates, stores, sends and might give access to your data. Do you even know where all of those might actually be in the modern world? The potential surface area from which you can be attacked has grown exponentially and continues to do so. 

You can’t any longer simply rely on sticking it all behind a single, massive firewall around your network perimeter. The complexity of these threats are, now evolving constantly, and big hard firewalls can’t adapt in line with the real-time nature of end-to-end attacks, where data in transit is vulnerable in new ways. 

You need an approach that evolves and adapts as quickly as the threat landscape does. That new and radical approach is encompassed by the rapidly emerging discipline of software-defined security to provide cyber-hygiene.
Two types of data, an infinite number of combinations

You can think about data in many ways, but there’s a simple way to approach it from a security perspective, data in transit or data at rest. Data in transit is on the move, traversing from data centers into the cloud, to a device, an application, back to the cloud, and so on. 

Data at rest is data stored anywhere digitally and at a particular point in time, is stationary and not moving around a network, in one of those locations previously listed, for instance. Typically, this is where data is translated into contextual information.
The value and risks associated with data vary depending on whether it is in transit or at rest and so should the ways you secure it. A deep understanding of what your data is doing at any particular point in time, what it should be doing, when it should be doing it and who is actually responsible for it, is the key to a more flexible, automated, security approach. 
Gaining this profound real time insight into what’s happening with your data is critical. You need to learn what ‘good’ looks like. By being able to identify what that should be, you’re then able to utilise new technologies such as AI to identify when something deviates from this and it will halt that operation or data transaction autonomously. 

“Thing” first?
In order to learn what good looks like, you need to approach your security from a position that historically cybersecurity has never taken, that of the user and increasingly, that of the “thing”. 

Why “thing”? Because with data everywhere, it’s just as likely that what is accessing or producing the data is a “thing”- a sensor on a device at the edge as it is a human end-user. It’s also the single biggest link in the chain that in traditional security, will have been overlooked. Which is why it is the most likely to be targeted. 

This approach is critically important in a modern decentralised organization. Imagine you’re a university, where your intellectual property is at the core of your academic standing and, increasingly, a major source of revenue. 

Historically you might share that IP in lectures, where students took notes, before writing them up on computers all housed in central locations, the library, for instance. Everything could be secured with a perimeter firewall because everything was isolated within the local network infrastructure.

Fast forward to today, and lectures are as likely to be virtually attended as they are presented to a theatre full of undergraduates; seminars can be interactive from anywhere meaning that all reading IP, material and comments are shared across online hubs and accessed from bedrooms, planes or wherever else the student happens to be. Those students may not even have ever set foot on campus.

How do you secure and ensure your valuable IP doesn’t get stolen? The answer is to secure the user and their interaction with the data. After this, predicting trends and behaviors is simpler, allowing organisations to work backwards and to eventually focus on the digital foundation supporting needed to support the innovation of apps and tools.
From this point, you are in a position to identify what ‘good’ looks like, what data and apps are required by which users and how they need to access them, what apps need to connect with which other apps and resources to deliver these requirements leading to adaptive security. By adopting flexible, automated security policies this allows you to deal with even brand-new zero-day threats in real-time.

Shrinking the visible surface area of your infrastructure to limit what can be attacked is also a key objective of modern transformed security. 

Consider the university once more, by taking a user-centric approach and focusing on what the end-user is allowed to access, rather than the device they are trying to use, unsecured personal devices no longer represent an easy target as a route for cyber intrusion.

Know how your data behaves
All this change seems very complex. It is also a major philosophical change from what has been considered as security gospel for the last thirty years. The fact is, the world has changed out of all recognition. 
Cyber-attacks are becoming ever more sophisticated. Every time we connect a new device or turn it into a new source of compute at the edge, we create a new potential target for attack. 

To ensure that we don’t inadvertently deliver breach opportunities on our networks, we must learn to put the human or edge devices front and center. With data everywhere, both inside and outside the networks, we need a different approach to security: security has to be everywhere, it needs to be multi-layer to make things as hard as possible for cyber-criminals to penetrate and maneuver.

Finally, the threat landscape is incredibly dynamic with hundreds of thousands of instances of new zero-day malware appearing every day. 

The only way to combat threats on this scale is to make your newly transformed security equally dynamic, adaptive, and autonomous. That’s the fundamental difference between, cyber-hygiene which is essential today, versus the traditional perimeter-based cybersecurity of the past.

Infosecurity

You Might Also Read: 

How To Develop Secure Cybersecurity Practices:

« Car Hacking & Data Collection
Qbot Banking Malware Can Infect Cybersecurity Firms »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Panzura

Panzura

Panzura optimizes enterprise data storage management and distribution in the cloud, making cloud storage simple and secure.

Newtec Services

Newtec Services

IT should be responsive, adaptive, and smart. Now more than ever, you need a business that runs efficiently and can adapt to today's challenges. We can help with custom IT solutions.

HancomWITH

HancomWITH

Hancomwith is an information security company. We provide optimized blockchain solutions in areas including next-generation authentication, security and digital asset transaction.

State Service of Special Communications & Information Protection of Ukraine (SSSCIP)

State Service of Special Communications & Information Protection of Ukraine (SSSCIP)

State Service of Special Communications and Information Protection is the technical security and intelligence service of Ukraine, under the control of the President of Ukraine.

Apptega

Apptega

Apptega is an award-Winning Cybersecurity and Compliance Platform. Our mission is to make cybersecurity and compliance easy for everyone.

Hex-Rays

Hex-Rays

Founded in 2005, privately held, Belgium based, Hex-Rays SA focuses on the development of fast, stable, and robust binary analysis tools for the IT security market.

Grove Group

Grove Group

Grove provides businesses with the tools that work best for their unique operations, through cybersecurity and cloud services, custom software development and our big data analytics expertise.

OptimEyes.ai

OptimEyes.ai

OptimEyes.ai is a unique AI-powered, on-demand SaaS solution for cyber-security, data privacy and compliance risk modeling.

Pathlock

Pathlock

Pathlock (formerly Greenlight) help enterprises and organizations automate the enforcement of any process, access, or IT general control, for any business application.

Creative Destruction Lab (CDL)

Creative Destruction Lab (CDL)

Creative Destruction Lab is a nonprofit organization that delivers an objectives-based program for massively scalable, seed-stage, science- and technology-based companies.

SafePaas

SafePaas

SafePaas is a leading Enterprise Risk Management Platform. One source of truth for all your Audit, Risk, and Compliance requirements. Complete governance across your systems.

ABM Technology Group

ABM Technology Group

ABM Technology Group (formerly True IT) provide business information technology services, solutions, and consulting for small to mid-sized organizations.

Piiano

Piiano

Piiano offers developer-friendly privacy and security products. Reduce risk and protect your data by using our specialized security and privacy SaaS tools.

iTRUSTXForce

iTRUSTXForce

iTRUSTXForce is a global provider of DigitalX (cybersecurity, privacy, and digital trust) services. We offer comprehensive services that focus on delivering outcomes for our clients.

Cloud Carib

Cloud Carib

Cloud Carib is the premier provider of managed cloud services in the Caribbean and Latin American regions.

RANE Network

RANE Network

RANE is a global risk intelligence company that provides critical insights and analysis to more efficiently anticipate, monitor, and respond to emerging threats.