Today is International Podcast Day — a celebration of the continuing relevance and expanding reach of these bite-sized audio efforts. The SecurityIntelligence Podcast has been hard at work over the past nine months delivering actionable and insightful content to help enterprises defend critical assets, develop new IT strategies and discover what’s on the infosec horizon.
The SecurityIntelligence Podcast: A Year in Review
This year’s security podcast lineup tackled everything from national cybersecurity trends to zero-trust management frameworks, security automation tools, expanding security operations center (SOC) development, essential encryption practices and the road to cloud transformation.
This year’s thematic thread? Information security is evolving. While essentials such as encryption remain critical for day-to-day defense, new tools and tactics are required to stay ahead of emerging threats and develop effective incident response.
Here’s a quick roundup of this year’s most potent podcast packages.
“It’s not possible to build completely secure systems.” — NSA Deputy Director Bill Crowell
On a national scale, malware and phishing remain the two top threats. For Crowell, the widening skills gap and lack of enterprisewide infosec adoption hamper effective defense. But it’s not all bad news; while security solutions can’t offer perfect protection, equipping the right people with the right tools can significantly reduce total risk.
Hybrid IAM is the holy grail of zero-trust access.
On this episode, intrepid hosts David Moulton and Pam Cobb dove headlong into the zero trust discussion with IBM Competency Leader for Europe Bert Vanspauwen. Their collective conclusion is that while identity and access management (IAM) systems are critical aspects of enterprise infosec, users don’t pay attention to them until they stop working properly. Then, as Vanspauwen pointed out, “Everyone is really upset and they’re super expensive to replace.”
Hidden, transparent and hybrid IAM solutions offer a way to implement zero-trust access at scale without losing control over key data points. Zero trust isn’t a zero-sum game; effective IAM tools help enterprises come out ahead.
“You can never have too much encryption.” — Stephanie Balaouras, research director for the security and risk team at Forrester Research
The title and quote say it all; there’s always room for more encryption. With 68 percent of enterprises reporting a data breach in the last 12 months and most IT teams taking a piecemeal encryption approach, Balaouras recommended a holistic strategy: Define critical data assets, analyze them for additional context, and then protect data enterprisewide via archiving, deletion, IAM, end user analysis and — you guessed it — more encryption.
Lateral attacks are built for speed.
According to Joey Victorino, IBM Incident Response and Intelligence Services (IRIS) incident response consultant, lateral attacks can infect systems in four seconds or less because they “happen as quickly as the computer can process commands, rather than requiring the actual individual to type things out.”
Designed to access and control remote systems in a network, lateral attacks target critical information such as cached user credentials, in turn granting hackers access to critical infrastructure and data. For IBM threat intelligence expert Charles DeBeck, effective defense requires a three-pronged approach across strategic, tactical and operational domains.
“Every vendor will bring its own brand of risk to your business.” — Shamla Naidoo, IBM managing partner and security expert
Next on our Podcast Day roundup is risk. As noted by Naidoo, “third parties have become a really important part of the security ecosystem.” As this security podcast pointed out, third-party risk reports are now critical for evaluating potential provider pitfalls.
These reports aren’t enough in isolation. Naidoo advised security teams to define specific expectations for third-party providers, validate all outcomes and proactively measure security in situ to ensure vendors aren’t introducing new infosec risk.
According to the “2019 Cost of a Data Breach Report,” it takes companies 314 days to fully identify and remediate malicious attacks.
Although response times are slowing compared to 2018, Dr. Larry Ponemon pointed out that 51 percent of data breaches now “fall into that category of malicious or criminal attacker.” This is good news for organizations, because it means the number of internal, employee-caused breaches is falling, in part thanks to “a much higher level of sensitivity about privacy and data protection within organizations.”
And while Dr. Ponemon noted that it’s impossible to achieve zero data leakage, advanced security tools such as automation and artificial intelligence (AI) paired with a well-oiled security incident response team can reduce total breach costs by up to $1.2 million.
“[Destructive malware] has the capability to render an effective system inoperable and also challenges reconstitution.” — Charles DeBeck, senior threat intelligence researcher at IBM X-Force IRIS
While typical malware variants look to lift information or compromise key systems, destructive malware has another agenda: deleting critical files or overwriting master boot records. Originally used by “all nation-states all the time,” destructive strains are now being leveraged by cybercriminal groups to cause significant damage — damage that’s 61 times more expensive than a typical data breach.
Defending against destructive strains requires continuously evolving incident response plans that include AI solutions, multifactor authentication (MFA) tools and effective communication strategies.
“Cloud is the road to a destination. It is not the destination, and the destination is either transformation to help you innovate or drive modern experiences for your customers.” — Vikram Chhabra, IBM global director of offering management and strategy for the cloud and infrastructure
Cloud migration is critical for corporate success. But how do companies tackle emerging challenges such as securing key talent, identifying security baselines and ensuring data compliance? For Chhabra, the key lies in making security “an enabler for the cloud” rather than a restriction. This requires a combination of infosec automation, strategic intracompany partnerships and in-depth evaluation of cloud-native security tools.
Listen In This International Podcast Day
2019 featured big data breaches, key infosec advances and increasing chief information security officer (CISO) recognition that although risk can’t be eliminated, it can be significantly reduced.
Want to stay ahead of the curve with the latest in cybersecurity insight? Get up to speed with the SecurityIntelligence podcast.