Lessons We Can Take From the Battlefield to Bolster Cybersecurity
In what seems to have become an almost daily ritual, millions of Americans regularly find themselves waking up to yet another large-scale cyber-attack against a high-value target, most famously right now the attack on Sony by, allegedly, the North Korean government.
As the world becomes increasingly connected and digitized, one revelation has become abundantly clear: traditional defensive mechanisms for protecting financial and personal information are not enough, and alone can no longer represent the best means for defending our critical data. Given the new reality of the situation it’s time we begin to look at traditional battlefield techniques for lessons in our ongoing cyber battle.
A time honored defensive battle strategy is reducing the footprint of what needs to be defended, and then concentrating one’s defensive forces around guarding that perimeter. A comparable cyber equivalent to this strategy includes deploying modern day IT “weapons”: encryption and tokenization technologies. These technologies camouflage parts of sensitive data, such as payment card data and banking account details, essentially forcing would-be hackers to try to hit targets that are constantly moving and nearly invisible. Through the implementation of these defensive strategies, companies are able to better guard their perimeters by dramatically shrinking the number of systems where valuable data flows in the clear.
Removing targeted data from external systems, such as cloud-based software, creates an increasingly difficult task for our cyber-criminal enemies. While the natural inclination to address the issue of data traveling to cloud applications may be to block them entirely, the fact is, that does not represent a practical battle tactic. With the wide-spread adoption of the public cloud by enterprises, IT and security managers now have broader and growing “IT perimeters” where sensitive data (payment card data, healthcare data, banking data, etc.) can flow and that represent the new reality in which we live.
In order to achieve business objectives and ensure productivity, many cloud technologies, such as cloud-based customer support systems, need to have access to select aspects of “sensitive” data in order for users of these systems to do their jobs.
For this reason encryption and tokenization solutions for the cloud must to be smart enough to not interfere with the operation of the cloud systems, but still safeguard the information that needs to be accessible via these enterprise systems. Now combining tight security with access that does not impede production can be a delicate balance, therefore we recommend adherence to these three critical considerations when making decisions:
- Only strong, well vetted encryption and/or tokenization solutions should be used. Always look for solutions that have been audited by accredited third parties.
Enterprises need to maintain control of any and all encryption keys and/or the token vault, if tokenization is used.
Encryption/tokenization solutions must not interfere with the important aspects of the cloud systems that enterprise end users depend on, such as being able to search on names, account numbers, the last four digits of accounts, etc.
The cyber battlefield is evolving daily. New tactics and strategies are being deployed with regularity in what can only be described as a modern day arms race. In order to safeguard their critical assets, organizations need to take proactive steps to defend their digital footprint while ensuring seamless business continuity. By employing strategies learned from the conventional battlefield and coupling them with modern cyber defense technologies, enterprises can keep would-be enemies off balance and ensure productive operations.