Intelligent Tech Channels Issue 73 | Page 17

INDUSTRY VIEW
Battling negligence
Negligence is a primary cause in most cybersecurity incidents and covers adding unsecured devices on the network, unprotected passwords, deviating from an organisation’s security policies, not upgrading and patching applications, and so on. It can also cover unknowingly clicking on malicious links and sharing passwords with other team members.
Awareness levels
In most cases, negligence can be linked to a lack of awareness of the consequences. IT and security decision-makers should implement regular security awareness training programs and a culture of positive cyber hygiene. Security awareness training programs for employees must cover a wide range of topics including phishing, password hygiene, social engineering, and reporting anomalous behaviour.
Behavioural analytics
Behavioural analytical tools first build up a behaviour pattern that defines a state of normal user activity across the enterprise. This includes login times, login locations, workflow patterns, data, resource access and so on. Behavioural analytical tools monitor real-time activity of workers against this baseline of normal activity and flag deviations when they happen. Using this baseline, user attempts to access unauthorised resources, unauthorised actions, and movement of data, for example, will stand out.
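The baseline-then-flag approach described above, as an added example that is not part of the original article. It assumes a simple set-based baseline per user (commercial tools use richer statistical models); the users, locations and resource names are constructed sample data.

```python
from collections import defaultdict

# Constructed sample history: (user, login hour 0-23, location, resource).
HISTORY = [
    ("asha", 9, "Dubai", "crm"), ("asha", 10, "Dubai", "crm"),
    ("asha", 8, "Dubai", "wiki"), ("asha", 11, "Dubai", "crm"),
    ("omar", 14, "Riyadh", "finance-share"), ("omar", 15, "Riyadh", "finance-share"),
    ("omar", 13, "Riyadh", "wiki"), ("omar", 16, "Riyadh", "finance-share"),
]

def build_baseline(events):
    """Learn each user's normal login hours, locations and resources."""
    baseline = defaultdict(lambda: {"hours": set(), "locations": set(), "resources": set()})
    for user, hour, location, resource in events:
        profile = baseline[user]
        profile["hours"].add(hour)
        profile["locations"].add(location)
        profile["resources"].add(resource)
    return dict(baseline)

def deviations(baseline, event, hour_slack=1):
    """Return the reasons an event departs from the baseline (empty list = normal)."""
    user, hour, location, resource = event
    profile = baseline.get(user)
    if profile is None:
        return ["unknown user: no baseline"]
    reasons = []
    # Hours wrap around midnight, so compare distances on a 24-hour circle.
    if all(min(abs(hour - h), 24 - abs(hour - h)) > hour_slack for h in profile["hours"]):
        reasons.append(f"login hour {hour:02d}:00 outside usual hours")
    if location not in profile["locations"]:
        reasons.append(f"new location {location}")
    if resource not in profile["resources"]:
        reasons.append(f"first access to {resource}")
    return reasons

def monitor(baseline, live_events):
    """Yield (event, reasons) for every live event that deviates from the baseline."""
    for event in live_events:
        reasons = deviations(baseline, event)
        if reasons:
            yield event, reasons

if __name__ == "__main__":
    base = build_baseline(HISTORY)
    live = [("asha", 9, "Dubai", "crm"), ("asha", 3, "Lagos", "finance-share")]
    for event, reasons in monitor(base, live):
        print(event, "->", "; ".join(reasons))
```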
Access to data
Another important best practice to curtail insider threats is to implement a comprehensive approach to data security and data privacy. Data Security Posture Management or DSPM tools can help enterprises prevent data leakage by implementing policies and controls to protect sensitive data from unauthorised access, sharing, and movement.
DSPM classifies data based on sensitivity levels and applies controls to protect it, such as encryption and data masking. DSPM also controls who can access the data with measures such as multifactor authentication. DSPM monitors and logs all access to data and its usage, enabling security teams to detect suspicious activity in real time. DSPM can also generate alerts and notifications in real time.
Incidents involving compromised users have racked up costs amounting to over $16.2 million globally, and cloud infrastructure has been the primary target.
Scheduled audits
The effectiveness of the above measures can be amplified through a process of regular and scheduled audits. Audits should be conducted regularly and cover cloud infrastructure, access controls, user activity, and data transmission. These audits reveal deviations in user behaviour and cloud infrastructure activity such as file sharing, copying, or deletions. Audits also reveal security gaps and vulnerabilities, which are rectified through recommended actions.
Ultimately, IT and cloud decision-makers need to select the right vendor-led solutions that can protect against cloud-centric vulnerabilities across all attack surfaces, including endpoint, identity, and networks, emerging from external and internal threats. Today, much of this is being driven by AI and ML, and decision-makers must look for vendors that are leveraging automation in their solutions.