Why Humans Are Still an Important Part of the Cybersecurity Strategy

Barrington Malcolm by   01.09.2019   Data Security

The market for cybersecurity solutions has exploded over the last few years, with exciting new developments into artificial intelligence and machine learning leading the way.

There really is no shortage of solutions grouped into “handy” abbreviations, designed to address all manner of both external and internal threats; including malware, ransomware, hackers, insider threats, privilege escalation and more. However, despite the threat landscape evolving at a rapid pace, end users continue to remain one of, if not the primary starting point for most cybersecurity incidents.

The Nature of Insider Threats

The most common threats you are likely to face in your organization on a day to day basis come in the form of phishing attacks, social engineering, privilege abuse or simple accidental data leakage. If you are unfortunate enough to be the target of an external attack, hackers know that the easiest way to get access to sensitive data is through the privileged accounts of your users instead of attempting to bypass sophisticated solutions.

As a vendor in the cybersecurity space, we talk to hundreds of organizations that have experienced insider threat related problems. We are well aware that, in a large number of cases, data breaches can be caused by even the most well-intentioned end users. Unfortunately, despite wider press coverage in recent years, it seems that users are still not aware of the potential ramifications of being careless with sensitive data.

Does Raising Awareness Work to Tackle Cybersecurity Threats?

In theory, yes. In practice it is a little more complex than that.

To an extent, most people are aware of the fact that having a simplistic password and refusing to regularly update it, or writing it down instead of remembering it, makes it easier for your account to be breached. Despite this, many users are still more likely to take the easier path and risk security.

It’s clear more needs to be done.

If you approach the problem in the same way that you approach physical security, the differences between the two become apparent. The vast majority of workplace incidents are avoided simply by ensuring that the workplace is set up in a way that limits the ways in which employees can hurt themselves. One such example of this is when a factory with a large number of factory workers were being struck by forklifts, the owners painted walkways down aisles that significantly reduced the number of these incidents. Similarly, most organizations use some form of authentication before allowing people to enter the building, in an effort to prevent unauthorized access. In some cases, this can even take the form of biometric scanners, with the most common being keycards or physical security guards.

So, how do you set up your cyber-environment in the same way to help prevent incidents from occurring? Well, one way of doing this is through the implementation of a variety of security solutions designed to prevent malware, filter out phishing emails, and manage permissions to data. When you combine this ecosystem of network monitoring and defense systems with better security awareness training, you put yourself in a much stronger position to prevent data breaches.

Paying Attention to User Permissions

One of the biggest reasons for end-user-based data security threats is that permissions to sensitive data are granted to users that don’t require them. For example, when we’ve conducted risk assessments within enterprise organizations, we’ve noticed an alarming amount of operating with numerous open shares. Open shares increase the chances of privilege abuse and it is always best practice to try and reduce the number of open shares to zero.

This is just one example, but there are many others. In order to mitigate the risks of your end users being the reason for a massive data breach, limit elevated permissions to only those users that really need them. When you take a step back, there are really very few people in the organization that should have access to personally identifiable information, corporate secrets of financial data.

To determine who has access to what and whether these access rights are appropriate in your organization, come and take a look at our award-winning Permissions and Privileges Analytics SolutionLepideAuditor.