The Security Industry is Protecting the Wrong Thing
When the security industry talks about a data breach, often the first question asked involves the state of the victim’s network security – not the breach of data. Why is this? It’s because organizations have their security priorities backward, and that needs to change.
It’s clear that organizations currently prioritize protection of their networks first, and their data second. Instead, they need to do the opposite – start prioritizing the protection of their data first, network second. There are three main reasons why the security industry has been protecting the wrong thing; now that the problem is identified, what can companies do to secure their data as we move further into 2021?
Reason One: The Difference Between Data and Network Breaches
Looking back on some of the world’s biggest data breaches, it seems hackers are always one step ahead of the game when attempting to compromise an organization’s data. From the Adobe data breach way back in 2013 that resulted in 153 million user records stolen, to the Equifax data breach in 2017 that exposed the data of 147.9 million consumers, to the lengthy Marriott International data breach that compromised the data of 500 million customers over four years, to the recent SolarWinds data breach at the end of 2020 – no organization is exempt from the devastating consequences of a data breach or hack.
When these cyberattacks hit the headlines, it’s because organizations failed to keep their user and customer data safe and protected. Their information and privacy have been stolen and violated. The incidents themselves are even referred to as ‘data breaches.’ But, still, CISOs and CIOs continue to place emphasis on securing their networks.
So what’s the rationale behind maintaining this flawed approach to data security? The fact is, current approaches that focus on protecting the network do not enable data in transit to be protected without compromising network performance.
Instead, CISOs should consider separating data security from the network through an encryption-based information assurance overlay. With this approach, organizations can seamlessly ensure that, even when malicious actors do enter the network, the data will still be unattainable and unreadable to them. The integrity, authenticity and confidentiality of the data will remain intact without impacting overall performance of the underlying infrastructure – it’s a win-win.
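The property described above, that an intruder who reaches the network still cannot read or alter the data crossing it, is what authenticated encryption applied at the data layer provides. The following Go program is an added example written for this edit; it is not the article's code or any vendor's product. It assumes AES-256-GCM as the cipher, a hypothetical Overlay type whose key is held by the application rather than by any network device, and a routing context (source and destination identity) bound to each record as associated data so a record cannot be quietly redirected to another path.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
)

// Overlay holds a data-protection key that belongs to the application,
// not to the network path the data crosses. Hypothetical type for this
// example; it is not any product's API.
type Overlay struct {
	aead cipher.AEAD
}

// NewOverlay builds an AES-256-GCM overlay from a 32-byte key.
func NewOverlay(key []byte) (*Overlay, error) {
	block, err := aes.NewCipher(key) // rejects keys that are not 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Overlay{aead: aead}, nil
}

// Seal encrypts plaintext and binds it to a routing context (for example
// "source identity -> destination identity") passed as associated data, so
// the record is only accepted on the path it was produced for.
// The wire format is nonce || ciphertext || tag.
func (o *Overlay) Seal(plaintext, context []byte) ([]byte, error) {
	nonce := make([]byte, o.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	// Seal appends ciphertext and tag to the nonce passed as dst.
	return o.aead.Seal(nonce, nonce, plaintext, context), nil
}

// Open verifies the tag and decrypts. Any change to the ciphertext, the tag
// or the context fails authentication; no partial plaintext is returned.
func (o *Overlay) Open(record, context []byte) ([]byte, error) {
	ns := o.aead.NonceSize()
	if len(record) < ns+o.aead.Overhead() {
		return nil, errors.New("record too short to contain nonce and tag")
	}
	return o.aead.Open(nil, record[:ns], record[ns:], context)
}

func main() {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	o, err := NewOverlay(key)
	if err != nil {
		panic(err)
	}
	route := []byte("hq-db -> branch-app")                             // constructed routing context
	record, err := o.Seal([]byte("account=4421 balance=1200"), route) // constructed payload
	if err != nil {
		panic(err)
	}
	// What anyone on the network path sees: a random nonce and ciphertext only.
	fmt.Printf("on the wire: %s\n", hex.EncodeToString(record))

	pt, err := o.Open(record, route)
	fmt.Printf("at intended destination: %q (err=%v)\n", pt, err)

	// Same record presented on a different path: the bound context does not match.
	_, err = o.Open(record, []byte("hq-db -> other-app"))
	fmt.Printf("wrong path rejected: %v\n", err)

	// Constructed in-path modification of one byte: authentication fails.
	record[len(record)-1] ^= 0x01
	_, err = o.Open(record, route)
	fmt.Printf("modified record rejected: %v\n", err)
}
```

The point of binding the route as associated data is that confidentiality alone is not enough for the claim in the text: integrity and authenticity come from the GCM tag, which covers both the ciphertext and the context, so a modified or misrouted record is dropped rather than decrypted into garbage that downstream systems might act on.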
Reason Two: Data Rules All in Regulations and Compliance
With the introduction of GDPR in 2018, it became clear that organizations must protect their data or face fines or other punishment. What these organizations must realize is they are not fined or censured based on a network breach; in fact, if a hacker were to enter an organization’s network but not compromise any of its data, the organization wouldn’t actually be in breach of the regulation at all.
GDPR, alongside many other regulations including CCPA, HIPAA, PCI-DSS and CJIS, is concerned with protecting data, but how that data needs to be protected will depend on business intent. With new regulations constantly being introduced and compliance becoming another huge concern for organizations as we continue into 2021, protecting data has never been more important. By developing an intent-based policy, organizations can ensure their data is being treated and secured in a way that will meet business goals and deliver provable and measurable outcomes.
Reason Three: Hackers Target Networks to Steal Data
With the high price tag that data now commands on the black market, doing everything possible to keep data secure seems like an obvious priority for every CISO and IT manager. But the constant stream of data breaches shows this isn’t the case.
What can organizations do to keep this data safe? To begin, a change in mindset is needed to truly put data at the forefront of all cybersecurity decisions and investments. Vital questions a CISO must ask include: Will this solution protect my data as it travels from point to point throughout my network? Will this technology be safe even if hackers infiltrate the network? Is this strategy in line with compliance and governance regulations if a network breach occurs? The simple answer to any of these questions, for any CISO, must be ‘yes.’
Furthermore, with such a vast volume of data to protect, real-time monitoring of the organization’s information assurance posture is essential to react to an issue and remediate it at lightning speed. With real-time, contextual metadata, non-compliant traffic flows or policy changes can be detected continuously, so the security posture is not affected and, even if the inevitable network breach occurs, a data breach does not follow in its wake.
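Both the intent-based policy from Reason Two and the continuous detection of non-compliant flows described here can be shown in one small program. The Go code below is an added example written for this edit, not the article's own or any product's implementation. It assumes a constructed metadata record per flow (zones, data classification, whether the flow was encrypted and under which policy), a rule format that expresses business intent in those terms, and a first-match rule order; the sample rules and flows are constructed for the demonstration.

```go
package main

import "fmt"

// Flow is the contextual metadata a sensor or overlay endpoint reports for
// one traffic flow. Constructed shape for this example, not a product schema.
type Flow struct {
	ID             string
	SrcZone        string
	DstZone        string
	Classification string // e.g. "public", "internal", "confidential"
	Encrypted      bool
	PolicyID       string // policy the endpoint reports having applied
}

// Rule states a business intent: data of this classification moving from
// SrcZone to DstZone ("*" matches any zone) must or need not be encrypted,
// and if so under which policy. Rules are checked in order; first match wins.
type Rule struct {
	Classification string
	SrcZone        string
	DstZone        string
	MustEncrypt    bool
	PolicyID       string
}

// Finding is one non-compliant flow together with the reason it failed.
type Finding struct {
	FlowID string
	Reason string
}

func zoneMatches(pattern, zone string) bool {
	return pattern == "*" || pattern == zone
}

func firstMatch(rules []Rule, f Flow) (Rule, bool) {
	for _, r := range rules {
		if r.Classification == f.Classification &&
			zoneMatches(r.SrcZone, f.SrcZone) &&
			zoneMatches(r.DstZone, f.DstZone) {
			return r, true
		}
	}
	return Rule{}, false
}

// Evaluate checks every reported flow against the intent rules and returns
// the flows that violate them. Run repeatedly over fresh metadata this is the
// detection step: a cleartext flow, a flow protected under the wrong policy
// (a policy change), or a flow no rule covers is surfaced as soon as it is seen.
func Evaluate(rules []Rule, flows []Flow) []Finding {
	var findings []Finding
	for _, f := range flows {
		r, ok := firstMatch(rules, f)
		switch {
		case !ok:
			findings = append(findings, Finding{f.ID, "no policy covers this flow"})
		case r.MustEncrypt && !f.Encrypted:
			findings = append(findings, Finding{f.ID, "must be encrypted but was sent in cleartext"})
		case r.MustEncrypt && f.PolicyID != r.PolicyID:
			findings = append(findings, Finding{f.ID,
				fmt.Sprintf("encrypted under policy %q, intent requires %q", f.PolicyID, r.PolicyID)})
		}
	}
	return findings
}

// SampleRules and SampleFlows are constructed inputs for the demonstration.
func SampleRules() []Rule {
	return []Rule{
		{Classification: "confidential", SrcZone: "*", DstZone: "*", MustEncrypt: true, PolicyID: "P-CONF"},
		{Classification: "internal", SrcZone: "*", DstZone: "cloud", MustEncrypt: true, PolicyID: "P-INT"},
		{Classification: "internal", SrcZone: "*", DstZone: "*", MustEncrypt: false},
		{Classification: "public", SrcZone: "*", DstZone: "*", MustEncrypt: false},
	}
}

func SampleFlows() []Flow {
	return []Flow{
		{ID: "f1", SrcZone: "hq", DstZone: "branch", Classification: "confidential", Encrypted: true, PolicyID: "P-CONF"},
		{ID: "f2", SrcZone: "hq", DstZone: "partner", Classification: "confidential", Encrypted: false},
		{ID: "f3", SrcZone: "hq", DstZone: "cloud", Classification: "internal", Encrypted: true, PolicyID: "P-LEGACY"},
		{ID: "f4", SrcZone: "hq", DstZone: "internet", Classification: "public", Encrypted: false},
		{ID: "f5", SrcZone: "branch", DstZone: "hq", Classification: "internal", Encrypted: false},
		{ID: "f6", SrcZone: "lab", DstZone: "internet", Classification: "restricted", Encrypted: true, PolicyID: "P-CONF"},
	}
}

func main() {
	for _, f := range Evaluate(SampleRules(), SampleFlows()) {
		fmt.Printf("%s: %s\n", f.FlowID, f.Reason)
	}
}
```

Of the six constructed flows, three are reported: f2 carries confidential data in cleartext, f3 is encrypted but under a policy the intent does not name, and f6 has a classification no rule covers. Treating the uncovered case as a finding rather than silently allowing it is the design choice worth keeping: a flow that no stated intent describes is exactly the one nobody will be able to account for after a breach.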
Trusting Your Protected Data
With a strategic, information assurance approach, organizations can ensure their data is protected, therefore avoiding a catastrophic data breach. Going forward, it is clear that organizations must safeguard their most valuable asset – their data – and protect themselves and their reputation from suffering. The technology needed to keep data secure is ready and waiting for the industry to take advantage of, but the question is, who will make the change?