5th July 2017
Insentra security practice manager Lee Foster discusses the security practice at Insentra, the security trends that are making companies vulnerable, the problem with the mantra ‘if it ain’t broke, why fix it?’, quantifying risks and the future for security. Watch until the end to see Lee solve a Rubik’s cube in under a minute.
SOME KEY POINTS IN THE VIDEO INCLUDE:
[1.39] The trends in cyber security
[3.44] In the past the mantra has been “if it ain’t broke, why fix it”. Here’s the problem with that.
[5.16] Using the Databerg to quantify risks
[7.23] The future of cyber security is D.A.R.K.
[8.33] Lee Foster solves Rubik’s cube in under a minute
READ THE TRANSCRIPT
I’m Lee Foster. I run the information management security here at INSENTRA. That practice is fundamentally split into two pieces. One is to talk about information as it resides in the ecosystem, in businesses and organizations. I like to think of that like an iceberg, and we refer to that as the data berg. Effectively, the information sits within that iceberg. What you see above the water is literally 10% of the information that you actually hold and reside, and the associated risk.
What sits below the water is what we call the dark data. The deeper you go, the darker it gets, the harder it is to understand. We talk about service and systems that support and serve up that information and the associated risks that are with those service and systems. Look at those as custodians. Often, people look at the information and the data, what resides there and forget about the custodians and the service that actually serve up the information.
Part of what we do in the information management side of the business is help businesses understand what is in that iceberg, what is above the water, what’s below the water, and shine the light on that dark data. And then we take the security side and we slice through the iceberg, and show them the layers within the iceberg as to where the risks reside. From the security standpoint, where I would identify risks, mitigate risks, and if we come back to those custodians, provide guidance and advisory how best to protect against malware and some of the recent attacks like WannaCry and Petya.
That’s fundamentally what the practice is there to do, where the team guides in that practice with our security experts and consultants. On the information management side, exactly the same. The trends in security are fundamentally around that iceberg. We can use that analogy all the way through this. But without shining the light, people tend to just rely upon set and forget software or set and forget services.
We have a compelling need or a compelling event. We’ll put some services or software in place to combat that. They tend to set and forget that. That’s a thing of the past in a lot of instances. What’s key to understand is what businesses are doing now to combat and overcome those vulnerabilities. The key to that is agility. You need to be able to take the systems and services, and the custodians, and leverage next-generation advanced threat protection type technologies.
We provide early warning systems and show you where the gaps and risks are within that iceberg. Again, coming back to the custodians and talking about recent threats from risks, having next-generation advanced threat protection in place will completely bring to the surface the risks that reside within those systems and the data that they hold, and show you which systems, for example, aren’t patched, which systems don’t have the available patches that need to be there for Microsoft to combat things like WannaCry and Petya.
Using that next-gen technology, we’re able to pull out, highlight those risks, and then mitigate those accordingly through things like sandbox and sandbox detonation and so on. The trends are to absolutely adopt that, so not go down the road of set and forget type software. Be in the leading edge. You’ve got to be at the forefront of this, you’ve got to be in the front line. We can’t sit back and say, “Well, we have endpoint protection in place. We have firewalls.”
The current mindset of the hacker or the disgruntled employee is very easy to circumnavigate all of this stuff. Again, using the iceberg, you don’t know what’s lurking in the dark water, right? You’ve got to be proactive on the front foot, slicing that open regularly, and then adopting the next-gen technologies to help combat that. In the past, we come up against every day talking to partners and customers.
“Lee, you’re talking to me about this next-gen technology. My systems aren’t broken, I’m not being hacked. I’m not feeling any pain, why should I fix it?” Same applies. These are the people, if I can say, these are the people, these are the organizations that are looking at above the water. They’re looking at the iceberg that’s clear, seeing the sunlight and know what’s going on. It’s not melting, everything’s good, “I don’t care too much about what’s under the water,” because they’re not being hurt by them.
It’s our job for advisory to better bring that information higher above the water, more clarity, remove the risk. It’s not broken, I don’t want to fix it. It doesn’t work in this market anymore. It really is our job. It’s what we do day-to-day to advise and educate, as I said, partners, and induces them, and customers to let us shine a light on that dark data and information. Let us show how it’s been used.
Once you’re advised, you’re enabled. Once you’re enabled, you can take action. It’s surprising what organizations do once they start to shine a light on information that they’re keeping, they’re storing on systems. In some cases, they’re in breach of compliance. They could be keeping personal information that they’re not entitled to keep anymore. As much as we’re helping them mitigate risks, we’re actually showing them the risk resides and allowing them to take the right action to deal with things like personal information.
Again, legacy, set and forget, it’s not broken, I don’t need to fix it just doesn’t work in this market, in this age of cyber security. Quantifying risk is coming back to the data berg. It’s a great analogy to use. It’s, again, above the water, I know what I know. Below the water, I don’t know what I don’t know. Leveraging advisory type services or advisory-led services to help slice open the iceberg and show you the layers that lay within it, and the risk components that are within those slices, really elevates the CXOs of organizations. To the point that they can make very significant decisions in the right direction for business and a public business for the shareholders, mitigate risk and avoid the volatility of the share market.
Once an organization, CXOs at the board level can understand that, they’re able to make very informed decisions about things like legacy platforms. They may be running systems and services that just don’t comply. Out of date hardware, out of date software, noncompliant operating systems, systems that aren’t patched. Be it Linux, Unix, Windows, it doesn’t matter. It applies across the board until they can shine a light on that dark data and information in the systems.
I haven’t even talked about what resides outside of the data berg and the custodians that manage and support that, and talked about software as a service, and platform as a service through things like AWS and Azure, and so on. Organizations, that data berg still applies if you shift it to the cloud, just talk about it as a cloud. What’s above the cloud line and what’s below the cloud line.
What they know is being adopted and used, as far as apps go. And Shadow IT that is being spun up by organizations to solve development need or a peaking demand need that an organization doesn’t know about. Again, the advisory services allows us to pull that apart and present back to a business, “This is where your risks are. This is what’s being used.”
When I refer to next-gen threat protection, this is where the market’s headed. This is the focus now. There are still organizations that have all-custodian type server platforms, still lots of them. There are just as many, if not more, better adopting Cloud, or public Cloud, private Cloud, hybrid Cloud to deliver services to their business. What’s the future of cyber security? How do we stay ahead of this game and not appear in the news and in the press?
I’ve talked about dark data, I’ve talked about the data berg, and the iceberg, and the dark water. The analogy is that, discover what you have. Analyze what you have, take action, and repeat. That process is a repetitive process. Continue to discover, continue to analyze and repeat that process. Quantify risk. Once we understand that information, what is the risk? Let’s quantify it, let’s put a figure to it, and let’s identify it and get a mitigation plan in place for risk. Kill, kill the threat.
Again, legacy, set and forget, it’s reactive not proactive. The reason WannaCry didn’t go far as it did because somebody, unknowingly, took down at the main and created a kill switch. That’s what we’re going to do every day. That’s why you’re on the frontline. Develop that kill switch, leverage what’s around, leverage next-gen, leverage Cloud adoption the right way, and we can create that kill switch and stay ahead of the curve. To find out more, click on the link below.