You can’t protect your company’s data if you don’t know where it is
Information security experts and practitioners are united in the belief that we cannot prevent data breaches by building bigger walls around our networks.
As Gartner’s bluntly titled report, Malware Is Already Inside Your Organization; Deal With It argues “organisations must assume they are compromised, and, therefore, invest in detective capabilities that provide continuous monitoring for patterns and behaviours indicative of malicious intent.”
In a recent survey of corporate information security practitioners, published by Nuix and conducted by Ari Kaplan Advisors, a senior security official said, “That paradigm of relying solely on the perimeter is long gone; it is part of a security architecture, but it doesn’t even begin to be a dependable approach to security.” Another explained that “[Data breach] prevention is an unobtainable goal in the current environment so our focus is a very fast pathway to remediation because we know we cannot eliminate all compromises.”
Look inwards for greater insight
So, if the current approach to data protection isn’t working, what is the answer? Perhaps the answer lies in looking inwards at information management practices and policies as much as you focus on external threats.
Organisations must tackle data security on all fronts. On one level, this is a vastly complex undertaking that requires cross-border law enforcement and governmental collaboration and the development of more robust international standards. From a corporate perspective, it involves using better technology and more advanced security but also continuously advancing information security—not just ticking a box once you have implemented a perimeter defence system.
In this new paradigm, the main priority of information security is reducing the delay between when breaches occur and when you detect and deal with them. This requires rapid, thorough and effective post-breach investigation and remediation… Click HERE to find out more about this article
