Cyber Attacks

Lessons We Can Take From the Battlefield to Bolster Cybersecurity

Guest Writer
President and CEO, Perspecsys
4 min read
Opinions expressed by Entrepreneur contributors are their own.

In what seems to have become an almost daily ritual, millions of Americans regularly find themselves waking up to yet another large-scale cyber-attack against a high-value target, most famously right now the attack on Sony by, allegedly, the North Korean government.

As the world becomes increasingly connected and digitized, one revelation has become abundantly clear: traditional defensive mechanisms for protecting financial and personal information are not enough, and alone can no longer represent the best means for defending our critical data. Given the new reality of the situation it’s time we begin to look at traditional battlefield techniques for lessons in our ongoing cyber battle.

Related: FBI: North Korean Government Was Indeed Responsible for Sony Hack

A time honored defensive battle strategy is reducing the footprint of what needs to be defended, and then concentrating one’s defensive forces around guarding that perimeter. A comparable cyber equivalent to this strategy includes deploying modern day IT “weapons”: encryption and tokenization technologies. These technologies camouflage parts of sensitive data, such as payment card data and banking account details, essentially forcing would-be hackers to try to hit targets that are constantly moving and nearly invisible. Through the implementation of these defensive strategies, companies are able to better guard their perimeters by dramatically shrinking the number of systems where valuable data flows in the clear.

Removing targeted data from external systems, such as cloud-based software, creates an increasingly difficult task for our cyber-criminal enemies. While the natural inclination to address the issue of data traveling to cloud applications may be to block them entirely, the fact is, that does not represent a practical battle tactic. With the wide-spread adoption of the public cloud by enterprises, IT and security managers now have broader and growing “IT perimeters” where sensitive data (payment card data, healthcare data, banking data, etc.) can flow and that represent the new reality in which we live.

In order to achieve business objectives and ensure productivity, many cloud technologies, such as cloud-based customer support systems, need to have access to select aspects of “sensitive” data in order for users of these systems to do their jobs.

Related: CEOs Can No Longer Sit Idly By on Cybersecurity

For this reason encryption and tokenization solutions for the cloud must to be smart enough to not interfere with the operation of the cloud systems, but still safeguard the information that needs to be accessible via these enterprise systems. Now combining tight security with access that does not impede production can be a delicate balance, therefore we recommend adherence to these three critical considerations when making decisions:

  • Only strong, well vetted encryption and/or tokenization solutions should be used. Always look for solutions that have been audited by accredited third parties.
  • Enterprises need to maintain control of any and all encryption keys and/or the token vault, if tokenization is used.

  • Encryption/tokenization solutions must not interfere with the important aspects of the cloud systems that enterprise end users depend on, such as being able to search on names, account numbers, the last four digits of accounts, etc.

The cyber battlefield is evolving daily. New tactics and strategies are being deployed with regularity in what can only be described as a modern day arms race. In order to safeguard their critical assets, organizations need to take proactive steps to defend their digital footprint while ensuring seamless business continuity. By employing strategies learned from the conventional battlefield and coupling them with modern cyber defense technologies, enterprises can keep would-be enemies off balance and ensure productive operations.

Related: A Lack of Communication on Cyber Security Will Cost Your Business Big (Infographic)

More from Entrepreneur

David provides constructive insight to help businesses focus on their company growth, build brand awareness and know when and how to raise money.
Book Your Session

In as little as seven months, the Entrepreneur Authors program will turn your ideas and expertise into a professionally presented book.
Apply Now

Are paying too much for business insurance? Do you have critical gaps in your coverage? Trust Entrepreneur to help you find out.
Get Your Quote Now

Latest on Entrepreneur

My Queue

There are no Videos in your queue.

Click on the Add to next to any video to save to your queue.

There are no Articles in your queue.

Click on the Add to next to any article to save to your queue.

There are no Podcasts in your queue.

Click on the Add to next to any podcast episode to save to your queue.

You're not following any authors.

Click the Follow button on any author page to keep up with the latest content from your favorite authors.