Humans are the weak point in cyber - how do we change that?
The changing business environment has created more opportunities for workers to cause a breach - not always unknowingly
Forcepoint's CIO, Meerah Rajavel, and chief scientist, Dr Richard Ford, spoke at Gartner's Security & Risk Management Summit this week, discussing methods for countering the human threats in cyber security. With data from the SANS Institute showing that around 30 per cent of enterprises have suffered from a data breach caused by an insider, they touched on how to approach security with people in mind. The findings came from research presented in a new State of Cybersecurity whitepaper.
New technology in businesses - often employed to attract a younger workforce, reduce costs and enhance efficiency - also leads to new security threats. Critical data is widespread and often mixed with employees' personal information; data visibility is a major concern for IT leaders, especially with regard to the upcoming GDPR.
Forcepoint states that regardless of how attacks originate, they will ultimately inflict the most damage at the points where people interact with important data and IP. Human error can undermine the most elaborate security systems. Because of this, it is felt that the industry's past approach to protection, which focused only on its own infrastructure, is no longer viable. Instead, security professionals should focus on people; especially with modern trends of remote working, BYOD and use of cloud apps on the rise.
A report titled The Human Point, based on a study conducted by Forcepoint this year, discovered that the majority (42 per cent) of cybersecurity professionals rate their visibility of critical business data across company- and employee-owned devices as only ‘moderate’. 33 per cent said that it was good and less than 7 per cent rated it as very good. 37 per cent are ‘moderately concerned’ about the co-mingling of personal and business data; and the majority said that big data only made their jobs slightly easier.
Technology won't fix it
"There is no silver bullet in security," Rajavel told the Gartner summit. Despite a rise in security spending - expected to reach $90 billion this year, and $113 billion by 2020 - cyber incidents continue to rise. Threats evolve and technologies develop, but people are the constant - and, consistently, the weak link.
Forcepoint uses a tool it calls the Continuum of Intent, which judges employees' intent when handling sensitive information. It places them into one of three categories: ‘Accidental’, ‘Compromised’ or ‘Malicious’. Various factors can influence employees' handling of data, and they can move in and out of these categories at any given time.
- Accidental insiders are those who cause a vulnerability through a mistake;
- Compromised insiders are those with network access whose credentials have been stolen;
- Malicious insiders are those who knowingly perpetrate or assist in an attack; they could be rogue employees or criminal actors. These are often the most dangerous type in the Continuum, because they know their way around a network.
The future
‘Instead of spending $113 billion on a perimeter that has crumbled,’ argues Forcepoint, ‘we should look at people and protect against those behaviours we know lead to critical data and IP loss…
Understanding the human point is an entirely new security paradigm. An approach rooted in securing technology has proven ineffective at minimizing threats; in fact, they are growing. It's time to think differently about cybersecurity… Only by understanding the intent behind a user's actions can we recognize the difference between good and bad cyber behaviours.’