You Will Be Breached
We’re always faced with trade-offs. Maybe it’s cleaning up technical debt versus adding new features. Hiring more sales reps or investing in customer success. These are tough decisions. But what about security? Threats are constantly evolving and solutions are too. Is it ever worth the trade-off? We might be tired of hearing about breaches – and maybe that’s part of the problem – but the reality is that you will be breached and if you’re not thinking that way, you should be.
In our recent podcast, I spoke with Kerry Bailey, CEO of eSentire. eSentire has been part of the Georgian portfolio since 2014. Kerry brings decades of IT executive leadership that spans early-stage to Fortune 100 organizations. We discussed how the digital transformation of business has led to increased cyber-threats and how AI is working alongside humans to tackle these increasingly sophisticated threats.
Here are my six takeaways from our discussion:
1. A Fast Reaction to Cybersecurity Threats Is Needed
We live in a highly distributed and hyper-connected world but we’re still using point solutions for security. Kerry stated that we need a “new style of security”. Point products are important, but you can’t use 50+ products. Businesses need to move to next-generation products that give full visibility of data, their users and offer fast reaction times.
2. Where is My Data?
The attack vector landscape has broadened because of this hyper-connectivity. Data flows across every aspect of our business, making asset tracking more complicated. When enterprises lose the ability to track assets clearly, cybercriminals can exploit the gap. This has created a reactive, not proactive culture – but we can change this.
Kerry explained that basic security principles still hold true. An enterprise still needs to know where assets are. Standard audits and vulnerability scanning are part of this. Incidents such as the Uber breach and others show that basic principles should still work, but organizations now must go one step further.
3. Next Step Evolution: You Will Be Breached
Companies need to recognize that they will be breached. Breaches can happen very quickly: On average it takes less than 10 hours for a cybercriminal to get in and exfiltrate data. Nobody can rely on “point in time” security. Instead, we need to be proactively looking for anomalies and patterns that give insight into an attack.
Whilst you should keep doing ‘defense in depth’ and standard security, an organization should also look for new approaches to get greater visibility.
4. Where Does AI Fit into This New Era of Cybersecurity?
Cybersecurity is a big data problem, and big data is the best use case in the world for AI. Think about which data feeds you can capture to get the information you need to see attack vectors – for example network data, endpoint data, cloud logs and any other logs.
eSentire uses an AI engine coupled with around 300 security experts. These experts look at ‘signals’ generated by the AI engine. This allows them to “…cut right through the noise to find the needle in the haystack and shut it down”.
5. Look for the Unknown, Not Just the Known
Threat prevention used to be built on signature detection. Now we need to look for anomalies and patterns of unusual behavior. This allows even unknowns, like zero-day attacks, to be identified. This is a move from reactive to proactive security. A ‘Security First’ approach is about human behavior analysis and risk management.
6. Security First – People, the Board and Technology
“I…appreciate when the company says security will be a differentiator for us”
Security is never going to be a technology fix alone. It’s important to make security everyone’s responsibility. The C-level should spearhead education and training on cybersecurity issues and this should be a board-level item, but nobody should be exempt. Cybersecurity starts with a culture of education. Communicate your messages clearly and frequently to make sure it gets embedded into your thinking on hiring, business strategy, technology and promotion.
Listen to the full podcast episode to find out more, including:
- Why there are no trade-offs when it comes to cybersecurity
- What types of data is used by AI-driven security analysis?
- How AI-driven cybersecurity analysis works and cuts through the data noise
- And, how cybersecurity is complicated by the human-factor