What your firm needs to do to counter a cyberattack
Most people flinch when they hear the term cybersecurity because they fear the “unknown”. This fear is sometimes amplified by the organizations that they work for. Twenty-five years ago, the digital narrative was limited to emails and an internal network, so the fear of data or information being stolen was limited to the firewall of the company. Companies controlled it with absolute authority. Today, employees bring their own devices and use them across multiple networks. Further, there are no boundaries on the digital highway, which makes it all the more vulnerable.
Companies have reacted by putting in solutions in every node of the network, yet security remains the number one concern for a corporations. Threats earlier were easier to handle. A “point solution” checked every email and stopped any information being taken out in the form of unknown universal serial bus (USB) devices. But, as the network has evolved, threats are coming from consumer devices. This makes the firewall completely vulnerable as the attack can come from anywhere. In this situation, companies have reacted terribly and two things have happened over the past decade. One, companies have begun policing devices given to employees and have stifled employee productivity. Two, they are yet to protect themselves from cyberterrorists who are using employees’ personal devices to come on to the corporate network and steal information. Yet, organizations want to add point solutions—which work for a specific, isolated purpose rather than protect the entire network as a whole—to fight threats.
In my mind, these point solutions do not create productivity; they stifle work and develop a state of fear among employees. As such, their approach today is to worry about securing devices and Wi-Fi. Things, however, have to move beyond these elements. People who want to break devices and enter corporate networks are working twice as hard. Hence, companies should focus on a security architecture that looks at a holistic approach to things. Black hats—a term that cyberterrorists go by—can destroy and steal information at will and can do so because an organization’s endpoint solutions cannot react to the collective strength of the algorithms written by black hats.
Hence, the question I throw at companies is this: How agile are you to take on modern cyberattacks?
I believe in three things when it comes to security: A central command and control structure, distributed enforcement, and integrated, actionable intelligence. By following this approach, security is made available on every device in any location and in any form factor. This can be done when all the end-point security solutions are stitched together to become part of one core. This is how the security officer, in a company, should look at the future of security. This integration brings down the number of tactical reports that his team has to sieve through to make a decision. The old, point-solution method is cumbersome and no longer very effective.
An integrated security structure is typically cloud-based and relies on a diverse set of data. It is also built for automation where all anomalous files can be detected early, on every employee device, and can be auto-wiped if the device is lost or stolen. This form of preparation with real-time intelligence will not only increase the efficiency of employees but also add to firms’ readiness to take on new kinds of attacks where the patterns are constantly changing. They no longer have to worry about multiple solutions at multiple endpoints. Hence, to secure the future, companies should democratize security for employees—but control it centrally.
V.C. Gopalratnam is senior vice-president of IT and chief information officer (international) at Cisco Systems Inc.