CISOs are faced with a seemingly impossible task, as cyber-attacks are evolving faster than their ability to improve their defences. A recent survey, carried out by Ankura, shed some light on the way in which corporations are adapting to meet the demands of the evolving threat landscape. The survey involved 30 industry experts from a range of industries, including finance, healthcare, insurance, manufacturing, media, telecommunications and retail.
Firstly, the report revealed that as many as 87% of respondents rely on cloud-based solutions for hosting non-critical data. 17% of respondents said that Office 365 was one of the main reasons for switching to cloud-based solutions. All of those who took part in the survey said that they work with third-party service providers in some way or another. It was a positive sign that as much as 97% of respondents said that they carry out a formal evaluation of their third-party vendors and service providers, and this includes anyone who interacts with their data in some way. That said, only 37% were confident that these third-parties would be in a legally defensible position in the event of a security breach.
This is slightly concerning, especially since insider threats are the biggest security threat, according to a 2016 report by the Ponemon Institute. To make matters worse, insider threats are notoriously difficult to detect, sometimes going undetected for years, thus making them expensive to remediate. The main reasons why insider threats are hard to detect is because it is very difficult to distinguish between malicious behaviour and legitimate user operations. They are also easy to conceal and hard to prove, as employees can claim that they just made a mistake, if they got caught.
Visibility and Education are the Key to Improving Security
According to the Ponemon report, 97% of respondents claim to be able to identify their critical data, and 83% said they are able to identify who has access to their critical data.
While this is certainly a good start, knowing who has access to your critical data is so important that it should not be an optional measure, for any organisation. It is crucial that CISOs use the right technology to assist them in identifying who has access to what data, and when.
Solutions, such as LepideAuditor, enable CISOs to easily keep track of user privileges as well as suspicious file and folder activity. It allows them to detect and manage inactive user accounts, track privileged mailbox access, and help ensure passwords are regularly rotated.
Organisations should also initiate regular security awareness training for all employees. Employees must be made aware of the security policies and procedures that exist, why they exist, and the potential consequences should they fail to comply with them.
If you want more information about how CISOs can further improve IT security, get in touch with us today. We’d love to help.