4 Reasons Why Visibility Is Key in Security

4 Reasons Why Visibility Is Key in Security

Markus Melin

Head of Security Services at Tieto

Views 267

4 Reasons Why Visibility Is Key in Security

10.03.2017 09:15 am

One thing that should be crystal clear to everybody is this: visibility is the most important factor in cyber security. To truly digest this you got to put on your pessimist’s glasses.

In business, pessimism is not the point-of-view that will carry you the furthest. You need ambition and belief to make your business goals happen. But when it comes to security, you got to have large amounts of gritty attitude. 

You should of course try to build a network of protective measures so tight that it is very difficult to penetrate. But it’s way too optimistic to think that it will block every offender: sooner or later someone will get in.

The most beneficial question you can ask yourself is: when will we notice if somebody is in?

The more you know of the operations in your networks, the better off you will be. State of the art visibility consists of the following factors.

1. Bottom up approach

In the old days, security information was of classified nature in the sense that it was shared with only the IT experts and the CxO level. You needed to have rank to get the status.

In our connected world where every device has an internet connection, this traditional approach just doesn’t cut it. Remember: in large organisations up to 75% of security breaches are staff-related.

A wise organisation empowers employees with accurate security information. The more aware they are of their actions, the better.

2. Real-time view

Organisations used to rely their judgement of the security status on a static glimpse to operations. In fact many still do: traditional security auditsexecuted e.g. on an annual basis are still the main checkpoint for businesses in many industries.

Be it connected IoT devices or a global workforce working around the globe, information flow in your network is constant. If something extraordinary happens, you should be able to detect it right away. Nowadays this is achievable with tools that provide a real-time overlook e.g. to your network.

3. Comprehensible for everyone

There is plenty of evidence that show the importance of security awareness in your whole staff. A recent UK study once again showed how the security role of the staff is still underestimated.

For us working in IT security all the security metrics and factors are well-known. But we shouldn’t burden the whole organisation with details. Security information must be easily digestible, visual and released in multiple formats according to the role of the employee. That is the only way to make sure everyone understands the security status.

4. Actionable information

Just understanding is not enough. It should lead to action.

If you detect an anomaly, you need to understand if it is an isolated incident – say a malware infection in a single machine – or maybe an indication of a more significant breach. As the trend is that intruders spend significant time doing reconnaissance before acting, breaches initially leave hardly any signals. It is, therefore, critical to be able to find any weak signals from the noise of insignificant events.

If a breach has indeed happened, you need to be able to provide an executable action plan that responds to the case at hand. No point restoring infected files from backups after a ransomware hit. For this, you again need visibility, this time to the history of the attack. 

Following these four principles should deliver the right level of understanding to keep your assets safe. If you want more information on our approach, please read our latest white paper Visible cyber security.

 

This article originally appeared on perspectives.tieto.com

Latest blogs

Shuvo G. Roy Mphasis

Reboot 1.0: How financial services technology can enable the supply chain to support a post-lockdown boom

Ground control and Captain Tom When veteran Captain Tom Moore decided to walk one hundred laps of his garden before his 100th birthday to raise funds to support NHS heroes battling Covid-19 from the frontline, he never imagined that he would Read more »

Lisa Gutu Salt Edge

Building a PSD2 compliant channel: challenges and opportunities for financial institutions

PSD2 obliges ASPSPs including banks, e-wallets, prepaid cards and other companies that offer payment accounts to provide at least one channel for secure communication with third party providers (TPP). Even neobanks or e-money institutions, including Read more »

Thomas Pintelon Capilever

Credit origination - A lot of innovation on the horizon

While consumer credits are becoming more automated and user-friendly to request, all other credits are often still very manual and labor intensive to originate. In this (relatively long) blog I will try to give a description of the (potentially Read more »

Kelly Kearsley Hourly.io

Time Card Theft is a Big Problem. Here's How to Stop It.

Trust is at the core of every employer-employee relationship. You trust your people to do their jobs, and they trust you to compensate them for their work. Most of the time, it works. However, there's always the person looking to bend the rules or Read more »

Daria Afanasyeva UTP Merchant Services Ltd

Cybersecurity – Online payments are getting more secure

Ever since we've been able to buy anything we need with just a click of a button on our laptops or phones, online sales have been consistently increasing each year. Just last year, the total value of UK retail sales was £394 billion, with an average Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel