June 20, 2019 By Douglas Bonderud 4 min read

Take a step back and look at the cybersecurity landscape, and it’s plain to see that malware attacks are on the rise. Symantec reported that malicious PowerShell scripts rose 1,000 percent last year, while new hardware vulnerabilities compromise millions of physical servers.

The IT skills gap continues to widen, according to experts including the World Economic Forum (WEF), frustrating human-led efforts to defend corporate networks. This is happening even as developing technologies such as artificial intelligence (AI) and automation promise a brighter security future — so long as organizations have the capability to integrate these tools across both legacy and cloud-based networks.

It’s therefore no surprise that a “glass-half-empty” attitude has emerged around effective cybersecurity. Help Net Security noted that the majority of chief information security officers (CISOs) are looking for bigger cybersecurity investments next year to help reduce overall risk and enhance their defensive posture, but rapidly increasing IT complexity creates a pervasive, persuasive myth: Overwhelmed by budget requirements, tech investments, employee training and information security talent gaps, enterprises logically conclude that effective cybersecurity must be equally complex, which perpetuates a kind of infosec ennui that sabotages even solid IT efforts.

Here’s the hard truth: Cybersecurity is still simple — it’s just not easy. The secret to cracking the IT complexity myth is getting back to basics with the three pillars of simple cybersecurity: visibility, vulnerabilities and veracity.

Keep IT Simple to Crack the Complexity Myth

It’s not all that shocking that organizations consider cybersecurity a complex, ever-changing challenge. According to a recent Dynatrace survey, 76 percent of chief information officers (CIOs) are “worried IT complexity will make it impossible to manage performance effectively.” Combine that worry with the continuous news feed of data breaches, code vulnerabilities and evolving attack vectors and it’s easy to see how CISOs and information security professionals become convinced that effective cybersecurity solutions must be as complex as the problems they solve.

In fact, the opposite is true. As renowned security expert Bruce Schneier noted 20 years ago in his 1999 blog entry, “A Plea for Simplicity,” the “worst enemy of security is complexity.” Why? Because the more complex a system or process becomes, the harder it is to visualize how it works, evaluate potential points of failure and ensure it’s working effectively.

It seems counterintuitive, but prioritizing simple security strategies is the best way to defeat evolving security threats.

Start With Visibility

The first line of defense against increasingly complex cyberattacks? Visibility. After all, you can’t protect what you can’t see. From on-premises data centers and private clouds to public offerings and mobile environments, greater visibility always equals better security. Processes that obscure lines of sight — even in the interest of reducing security workloads or combining multiple workflows — introduce elements of risk.

As noted by Dark Reading, getting back to the basic goal of visibility depends on dual technology functions: passive solutions capable of detecting new devices and unexpected processes and active tools that regularly poll network services to discover potential problems. Consider the concept from a physical security standpoint: Passive systems are like alarms that are triggered by specific events, while active solutions leverage technology-equipped personnel to regularly patrol offices and uncover emerging issues.

Understand Your Vulnerabilities

The easiest way for attackers to gain network access is to leverage existing vulnerabilities in applications, services or hardware. Open-source components are a common threat vector, since published and newly discovered vulnerabilities in widely used libraries can give threat actors privileged access with minimal effort. As Security Boulevard pointed out, between 58 and 78 percent of all code in enterprise applications is now open-source. Third-party application programming interfaces (APIs) and misconfigured cloud services also ramp up vulnerability risk.

Where are you vulnerable? Why? How do you fix it? Answering these simple questions improves cybersecurity. While finding vulnerabilities across open-source code, third-party APIs and cloud-based solutions used by employees isn’t easy, the concept isn’t complicated: Know where you’re vulnerable to improve your response.

Here, organizations are often best served by outsourcing vulnerability detection to a reputable third-party provider. Given the sheer number of vulnerabilities present across custom-built, cloud-based and open-source applications, attempting to identify, categorize and prioritize them in-house can quickly overwhelm even experienced IT teams.

Ensure Data Veracity

Does all the data match? Are users who they say they are? Are processes legitimate in their intentions and resource calls? Does the information reported about endpoints match what staff actually experience? Here, truth will win out: Verifiable, reliable data significantly reduces the chance of a cybersecurity incident.

As Datanami pointed out, however, 55 percent of organizational data is “dark” — companies either don’t know it exists or aren’t utilizing this information. This also means they have no way to effectively evaluate its accuracy. While Computer Weekly noted that new technologies such as machine learning and artificial intelligence are set to take the world by storm this year, their ability to catalog available data and uncover its dark counterpart does nothing to ensure its veracity.

The solution here is, again, simple but not easy. Effective cybersecurity depends on the very boring practice of asset management — the regular, thorough evaluation of common data sources, their security controls and how users interact with them on a day-to-day basis. These practices are not flashy and they’re not always fast, but by pairing them with reliable infosec approaches, such as strong encryption, multifactor authentication (MFA) and regular system updates, organizations can enhance data veracity and reduce overall risk.

Complex Threats Call for Simple Solutions

Evolving security threats, expanding skills gaps and emerging technologies conspire to create a culture of IT complexity, which remains the enemy of effective cybersecurity. Organizations should keep IT simple by leveraging better visibility to detect more vulnerabilities and ensuring data veracity to drive improved information security outcomes.
