There is a dangerous gap in modern IT security, says Rabih Itani.
We define the security gap as the inability of an organisation’s people, processes and technologies to keep up with a constantly changing threat landscape. And, given that data breaches are now so common that on average 58 records are stolen every second, we know it’s a problem that needs to be addressed urgently.
Here’s a closer look at some of the hurdles that are stopping businesses from identifying, detecting, containing and resolving data breaches and other security incidents in an IoT era.
Expanding and blurring the line of the corporate perimetre
Firstly, it’s no secret that the volume of IoT devices connecting to corporate networks has exploded – eclipsing that of the global population. This level of proliferation is impacting the requirements each organisation has when it comes to network security. Over half (55%) of respondents from our global study with The Ponemon Institute said it is hard to protect the expanding and blurring IT perimeter considering IoT, especially with BYOD, cloud and the opening up of networks to partners. A clear lack in security strategy around IoT is only compounding this problem. In fact, only 24 percent of respondents said that their organisation’s IoT devices are appropriately secured with a proper security strategy in place.
Tackling the security issue without the skills and expertise
A big part of this problem is rooted in the difficulty organisations have in recruiting security staff with the necessary skills and expertise to protect complex and dynamically changing attack surfaces. Half of Ponemon’s respondents said staff lack the crucial expertise to match the risks these attackers and corresponding threats present, citing it as the main reason behind security gaps.
Accountability is another issue for consideration. When asked who inside their organisation was responsible for IoT security, responses ranged from CTO, CIO, CISO and line-of-business leaders. Lack of ownership of course impacts the ability of an organisation to tackle complex cybersecurity threats – as there is no clear consensus over where the responsibility lies.
A disconnect on IT process and training
In addition to this, employees lack security understanding. For example, in a previous study, over 70% of global employees revealed they were compromising network security by sharing passwords and devices. It’s these kind of behaviours that can cause immense damage. Just imagine an employee with local administrator rights disabling security solutions on their PC. It could allow an infection to spread onto the entire corporate network.
To keep up with these threats and future-proof against the insider threat, of course training is valuable, but we also need to keep ahead of sophisticated and well financed attackers by being able to act with speed and deep visibility into user activity. That way we can spot potential changes in behaviour and respond quickly enough to threats before it is too late.
Closing the gap: pairing human and technical
People and process must be prioritised if we’re to close the IT security gap, but there are also technical steps that can support organisations in tackling these hurdles while also augmenting the existing work security staff are doing.
And businesses are starting to catch on. We know from Ponemon’s study that more than a quarter of security professionals are already embedding AI into security systems. Doing so, they’re able to reduce false positives, improve the efficiency of security investigations and detect attacks that are evading traditional perimeter defences.
Using a combination of AI and machine learning, IT staff can recognise, profile and connect every device accessing their network, giving each its own risk profile, and raising an alert if unusual behaviour is detected. In fact, over half (64%) of IT professionals confirmed that these new technologies, like machine learning, are needed to discover and understand threats that are active in the IT infrastructure. A similar number (51%) agreed that AI technologies like machine learning and behavioural analytics are essential to detecting attacks on the inside before they do damage.
Against this backdrop, AI-based security tools, which can automate tasks and free up IT personnel to manage other aspects of a security programme, were viewed as critical for helping businesses keep up with increasing threat levels. What steps are you taking to address the IT security gap?