Guest Editorial by Andrea Hall, Red Hat
Trespassing. Breaking and entering. Grand larceny.
These could be considered physical equivalents of cyber attacks and data breaches.
When individuals and organizations endure such attacks, they typically take steps to mitigate future incidents; they install security cameras or fencing, or simply become more mindful about ways to safeguard their property.
In the last year, there were reports of cyber attacks against supply chains, universities, high tech manufacturing, the aerospace industry, and medical research companies, just to name a few.
Similar to their physical equivalents, the mischief makers behind these attacks trampled on an environment where they were not welcome, accessed or stole intellectual property and sensitive information, and disrupted business-as-usual.
Doubtless, many of the organizations that fell victim to these incidents adjusted their cybersecurity policies and procedures accordingly, just as they would have in the wake of a physical attack.
But, are those updates enough? Unless the organizations are looking beyond simply implementing new or updated security controls, they may not be.
Taking a holistic approach to cybersecurity
To defend against cyber attacks, mitigate their impacts, and protect valuable data, organizations must shift toward a holistic and measured approach to cybersecurity.
Instead of relying solely on traditional security controls and technologies, they must revisit their practices and processes—as well as their technical defense, detection, and response capabilities—and assess that they are mature enough to appropriately protect the information on their networks.
Organizations entrust others with handling sensitive data as a matter of doing business.
They often rely on third-party certificate authorization as part of their identity management solution.
As security is getting more complicated, these sorts of trust relationships cannot be built solely upon adherence to technical controls.
It will become more common that some type of verification is required to prove to data owners that appropriate security measures are in place before data is shared.
This will require an examination of practice and process implementations focused on developing exceptional cybersecurity hygiene, in addition to application of technical controls.
This shift is representative of how security minded behavior is just as important as a properly configured firewall.
Cybersecurity is culture
While the move toward this model causes its own types of disruptions, the message is clear: cybersecurity is culture.
Just as physical security requires people to remember the rules all the time (i.e., close the door behind you, don’t let anybody into spaces where they have no need to be, report suspicious activity), cybersecurity needs to be continuously front-of-mind for everyone.
Think of a person who has their car “broken into” because they left the doors unlocked; do you think they will make the same mistake again?
Individuals throughout an organization should be aware of the types of threats they face.
Many organizations notify their employees when suspicious activity has been detected in the parking lot and they shouldn’t walk out alone when it is dark.
Do organizations keep their employees as aware of the cyber threats?
If the answer is no, they should rethink the way they reinforce the need for good cybersecurity hygiene, and that security is everyone’s responsibility.
When individuals are aware of the threat and the possible personal impacts, they change their behavior.
The same can be true in cyber.
Awareness of the types and real impacts of threats in that realm can reinforce behaviors that reduce human error that opens doors for many cyber attacks.
(Every business understands the mandate to move quickly, or disrupt to avoid disruption. Technologies and tool kits to meet that mandate are only half the battle. DevOps Culture and Practice Enablement (DO500) is an immersive training course that provides an immersive experience around DevOps culture, modern software development practices, and modern application development architectures to enable organizations to achieve a new level of success. Courtesy of Red Hat and YouTube.)
Focus on people and processes for better safeguards
In short, there are good reasons why the term “people, processes, and technology” starts with people first.
Human behavior is a critical part of cybersecurity. Awareness of the threats can change human behavior for the better.
Processes and technology are still important, however. Indeed, cybersecurity maturity comes from the ability to complement technical controls with a holistic security model.
Organizations need to focus on optimizing their security practices and processes to safeguard against future threats.
(How do you transform your business and redefine what’s possible? Learn how Red Hat uses open source technology and practices to accelerate innovation and deliver meaningful outcomes for organizations. Courtesy of Red Hat and YouTube.)
Andrea Hall is a Solutions Architect on Red Hat’s North America Public Sector team.
AST strives to meet a 3 STAR trustworthiness rating, based on the following criteria:
- Provides named sources
- Reported by more than one notable outlet
- Includes supporting video, direct statements, or photos