Knowing How Your Data Behaves Is The Key To Cybersecurity

Data is everywhere. Whether on your phone, an MRI scanner in a hospital or being generated by IoT sensors. It is essential in our hyper-connected world because it generates the foundation of a revolution which is allowing us to achieve more than ever before. However, securing that data has never been more critical, or more difficult. 

That is because potential vulnerabilities in networks carrying data are emerging at almost the same pace as the growth in the data that traverses them. There are also the added complexities of understanding where data is, what state it is in and how these affect the strategies being implemented to secure it. This has already made traditional approaches to cybersecurity largely redundant. 

Defending against Evolving Threats
Securing digital assets, by providing a secure path for data to traverse networks, clouds, devices and arrive in the hands of users where it is needed, is now fundamental. 

The lone “cyber crook” in a basement is replaced by countries waging digital warfare, organised crime syndicates coordinate huge operations to harvest and exploit information, and hacktivists target anyone they deem to be immoral or unethical. Their aims may be different, but they all have one thing in common, they do not care where you keep your data. They only care how they can access and exploit it. 

Why? Because even with data everywhere, trying to get at the really important stuff can be too much like hard work for the average cyber-criminal. Why even sweat the difficult stuff at all when an innocent mobile phone connected via an obscure workaround, into a corporate network, or a smart heating hub, or a turbine, is a much easier backdoor? 

Where does that leave security? 
Suddenly you aren’t only having to worry about securing traditional repositories such as data centers in the way you might have done 15 years ago. Now you have to think about everything that generates, stores, sends and might give access to your data. Do you even know where all of those might actually be in the modern world? The potential surface area from which you can be attacked has grown exponentially and continues to do so. 

You can’t any longer simply rely on sticking it all behind a single, massive firewall around your network perimeter. The complexity of these threats are, now evolving constantly, and big hard firewalls can’t adapt in line with the real-time nature of end-to-end attacks, where data in transit is vulnerable in new ways. 

You need an approach that evolves and adapts as quickly as the threat landscape does. That new and radical approach is encompassed by the rapidly emerging discipline of software-defined security to provide cyber-hygiene.
Two types of data, an infinite number of combinations

You can think about data in many ways, but there’s a simple way to approach it from a security perspective, data in transit or data at rest. Data in transit is on the move, traversing from data centers into the cloud, to a device, an application, back to the cloud, and so on. 

Data at rest is data stored anywhere digitally and at a particular point in time, is stationary and not moving around a network, in one of those locations previously listed, for instance. Typically, this is where data is translated into contextual information.
The value and risks associated with data vary depending on whether it is in transit or at rest and so should the ways you secure it. A deep understanding of what your data is doing at any particular point in time, what it should be doing, when it should be doing it and who is actually responsible for it, is the key to a more flexible, automated, security approach. 
Gaining this profound real time insight into what’s happening with your data is critical. You need to learn what ‘good’ looks like. By being able to identify what that should be, you’re then able to utilise new technologies such as AI to identify when something deviates from this and it will halt that operation or data transaction autonomously. 

“Thing” first?
In order to learn what good looks like, you need to approach your security from a position that historically cybersecurity has never taken, that of the user and increasingly, that of the “thing”. 

Why “thing”? Because with data everywhere, it’s just as likely that what is accessing or producing the data is a “thing”- a sensor on a device at the edge as it is a human end-user. It’s also the single biggest link in the chain that in traditional security, will have been overlooked. Which is why it is the most likely to be targeted. 

This approach is critically important in a modern decentralised organization. Imagine you’re a university, where your intellectual property is at the core of your academic standing and, increasingly, a major source of revenue. 

Historically you might share that IP in lectures, where students took notes, before writing them up on computers all housed in central locations, the library, for instance. Everything could be secured with a perimeter firewall because everything was isolated within the local network infrastructure.

Fast forward to today, and lectures are as likely to be virtually attended as they are presented to a theatre full of undergraduates; seminars can be interactive from anywhere meaning that all reading IP, material and comments are shared across online hubs and accessed from bedrooms, planes or wherever else the student happens to be. Those students may not even have ever set foot on campus.

How do you secure and ensure your valuable IP doesn’t get stolen? The answer is to secure the user and their interaction with the data. After this, predicting trends and behaviors is simpler, allowing organisations to work backwards and to eventually focus on the digital foundation supporting needed to support the innovation of apps and tools.
From this point, you are in a position to identify what ‘good’ looks like, what data and apps are required by which users and how they need to access them, what apps need to connect with which other apps and resources to deliver these requirements leading to adaptive security. By adopting flexible, automated security policies this allows you to deal with even brand-new zero-day threats in real-time.

Shrinking the visible surface area of your infrastructure to limit what can be attacked is also a key objective of modern transformed security. 

Consider the university once more, by taking a user-centric approach and focusing on what the end-user is allowed to access, rather than the device they are trying to use, unsecured personal devices no longer represent an easy target as a route for cyber intrusion.

Know how your data behaves
All this change seems very complex. It is also a major philosophical change from what has been considered as security gospel for the last thirty years. The fact is, the world has changed out of all recognition. 
Cyber-attacks are becoming ever more sophisticated. Every time we connect a new device or turn it into a new source of compute at the edge, we create a new potential target for attack. 

To ensure that we don’t inadvertently deliver breach opportunities on our networks, we must learn to put the human or edge devices front and center. With data everywhere, both inside and outside the networks, we need a different approach to security: security has to be everywhere, it needs to be multi-layer to make things as hard as possible for cyber-criminals to penetrate and maneuver.

Finally, the threat landscape is incredibly dynamic with hundreds of thousands of instances of new zero-day malware appearing every day. 

The only way to combat threats on this scale is to make your newly transformed security equally dynamic, adaptive, and autonomous. That’s the fundamental difference between, cyber-hygiene which is essential today, versus the traditional perimeter-based cybersecurity of the past.

Infosecurity

You Might Also Read: 

How To Develop Secure Cybersecurity Practices:

« Car Hacking & Data Collection
Qbot Banking Malware Can Infect Cybersecurity Firms »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Navista

Navista

Navista's hardware and software modules are especially designed to ease the deployment of secure networks.

Citicus

Citicus

Citicus provides world-class security, risk and compliance management software, plus supporting services.

D3 Security

D3 Security

D3's Smart SOAR platform is at the forefront of the security automation revolution, helping clients around the world to rapidly identify, analyze, and resolve advanced threats.

RiskCentric

RiskCentric

RiskCentric is a consultancy specializing in risk management and compliance.

Syhunt Security

Syhunt Security

Syhunt is a leading player in the web application security field, delivering its assessment tools to a range of organizations across the globe.

Visual Guard

Visual Guard

Visual Guard is a modular solution covering most application security requirements, from application-level security systems to Corporate Identity and Access Management Solutions.

Platin Bilişim

Platin Bilişim

Platin Bilisim is an IT Security company providing consultancy, solutions and operational support services.

Griffeshield

Griffeshield

Griffeshield is a company specialised in new information technologies used to protect Intellectual Property.

Belcan

Belcan

Belcan is a global supplier of engineering, manufacturing & supply chain, workforce and government IT solutions to customers in the aerospace, defense, automotive, industrial, and private sector.

Cyber Readiness Institute (CRI)

Cyber Readiness Institute (CRI)

At the Cyber Readiness Institute, our mission is simple: empower small and medium-sized enterprises with free tools and resources to help them become more secure and resilient.

HACKNER Security Intelligence

HACKNER Security Intelligence

HACKNER Security Intelligence is an independent security consultancy delivering comprehensive security assessments across IT security, physical security, and social engineering.

MTI

MTI

MTI is a solutions and service provider, specialising in data & cyber security, datacentre modernisation, modern workplace, IT managed services and IT transformation services.

Bright Security

Bright Security

Bright Security is a developer-centric Dynamic Application Security Testing (DAST) solution that helps organizations ship secure applications and APIs quickly and cost-effectively.

Strategic Technology Solutions (STS)

Strategic Technology Solutions (STS)

Strategic Technology Solutions specialize in providing Cybersecurity and Managed IT Services to the legal industry.

ADNET Technologies

ADNET Technologies

ADNET Technologies is a SOC 2, Type II Compliant IT management and cybersecurity firm.

Anzen Technology Systems

Anzen Technology Systems

Anzen create software solutions which allows organisations to utilize the public cloud for sensitive or classified information, whilst increasing data security and retaining data sovereignty.

XONA

XONA

XONA is The Zero Trust user access platform for the OT enterprise. Secure operational access to critical systems - from anywhere.