Thought Leadership

Why Focusing on Information Security Alone is a Bad Move

Whay_Focusing_on_information_security__main__and_image1.jpg

If information asset protection is at the core of your security strategy, you’re in for a rude awakening. The traditional boundaries between information security, business processes, and even marketing activities are blurring. Limited by an obsolete division of responsibilities, most organizations are exposing themselves to disturbing levels of cyber risk. While the silent majority of security professionals acknowledges the imperative to shift gears, only a select few have the resources to make that shift happen.

To better understand the key challenges of today’s threat landscape and how to cope with them, we’ve put together this short list, complete with specific recommendations that can bridge the gap between information security and cybersecurity.

Key differences between cybersecurity and Information Security (IS)

1.  IS represents just one piece of the cybersecurity puzzle.
Cybersecurity management means looking beyond information asset protection to assuring the mission of the entire business. Your entire business ecosystem must be scrutinized, regardless of the traditional scope of IS (including: your supply chain, DNS registrar, social media accounts and more).

2.  Cybersecurity extends the focus from a single organization to an inter-connected ecosystem.
Cybersecurity is about the complex relationships between multiple parties. Approaching security as a sole entity while ignoring how cyber threats affect your competitors, partners, and suppliers could have devastating consequences. Understanding the risks induced by the organizations you’re engaged with is key to proper cybersecurity management. According to a KrebbsOnSecurity blog post, the infamous Target breach represents a case in point. The post-mortem investigation traced the breach to a third party refrigeration, heating, and air conditioning contractor with network credential access. Financial institutions in particular must scrutinize every business relationship as described in the Cybersecurity Directive 361 published by The Bank of Israel and compiled by CyberInt.

3. Cybersecurity spans the entire organizational infrastructure.
Expanding the focus from information security alone to the broader picture means looking at several other aspects of the organization – from business processes, marketing activities and even HR. The challenge is therefore organizational more than it is technological. It requires a new level of collaboration and communications between departments. Moreover, executive leadership are held personally accountable in severe cases of cyber breaches (like in Target’s and Wyndham Hotel’s cases, in which executives faced personal consequences). The most effective solution for this is to appoint a senior executive, empowered to deal with key stakeholders and lead a cross-departmental collaborative effort.

4.  Cybersecurity requires developing new capabilities
With the average ‘dwell time’ standing at 206 days (in 2014), it’s essential to extend your reach in both breadth and depth. Cybersecurity initiatives must proactively detect targeted intelligence in real time to ensure shorter detection time. And, once detection time is shortened, response capabilities and time to mitigation become key.

How can you secure assets that are out of your control by definition?

Social networks and other third parties are not going to do the cybersecurity heavy lifting for you. It’s up to you to go the extra mile to tie loose security weaknesses, including intelligence gathering, online asset protection, and continuously verifying the efficiency of your defenses:

1.  Gather Intelligence About Emerging and Existing Threats
Intelligence is the process of collecting, processing and analyzing information from a wide range of both publicly available and covert data sources – focusing on multiple sources. The real magic happens when the intelligence that is actually disseminated is targeted to your organization, actionable, and reaches stakeholders immediately.

2.  Protect your Online Assets
While social media and other online activities provide a unique platform for communicating with end users, they present new security challenges. Greg Young, of Gartner forecasts that over the next 3 years, we’ll see an exponential growth in manually distributed malware over social network platforms. However, new cybersecurity technologies can mitigate such risks dramatically. Finding the malicious activities beyond the perimeter and mitigating them in real time is key to successfully protecting your business.

3.   Continuously Test Cybersecurity Readiness
In order to test readiness to cyber threats, organizations must examine how effective your current security technologies and processes are. The best way to assess readiness is to simulate real life attack scenarios and to measure how malicious artifacts spread throughout the organization. All while assessing the speed in which the attack is detected and mitigated.
By aligning people, processes, and technologies based on measurable results most cybersecurity gaps can be easily addressed.

Learn how you can shift from information security to Business Mission Assurance.