Skip to main content

Ghosting the hackers

cyber attack
(Image credit: Image source: Shutterstock/GlebStock)

We often see humanity as a weak point in an organization’s cybersecurity stance. Looking at how cyber criminals and rogue sovereign states alike have acted during the Covid-19 pandemic, it seems to become even more true. For all of the advanced tech and software trumpeting the possibilities of digitalization, hackers are still betting on the human vector as their way into business systems, apps and sensitive data. The opportunities our humanity offers the cyber-criminal are where our greatest vulnerabilities lie, not in the systems we have and will develop.

And those vulnerabilities are all too human. It’s not only the greed that is often at the root of cyber extortion or espionage cases. But it’s also the fear we feel when a hacker masquerading as a bank employee tells us our accounts will be frozen unless we act now. It can also be the tiredness that we feel at the end of a long day. The email that’s supposedly from a supplier encouraging us to click on the link to receive our invoice – or face phoning their finance department. In the work from home era, it can also be our desire to stay connected. We’re using apps, software and even laptops or smartphones outside of IT’s control to speed up our work and coordination with colleagues. 

If hackers are a threat we no longer want in our lives, then we must all learn the art of ghosting the hackers.

Covering the basics

Cyber risks are a day-to-day reality of digital business. We are operating in a world accelerated by ever more sophisticated tech, systems and the hyper-connectivity of people and things. This is not just about hypothesizing and modelling future threats in simulated scenarios. The time to provision against risk is now, and in real, tangible and measurable terms.

Advancements and improvements in an organization’s cybersecurity are not often truly driven by some rarefied Corporate Theory for Strategic and Reputational effect. Instead, they are driven by the very real commercial and reputational impact of ransomware attacks that many companies have suffered from in recent years.

Most organizations would probably love to step back and take the time to design the perfect future-proof cybersecurity strategy – but with threats knocking on their doors every day, this is simply not a feasible strategy. However, organizations should still approach cybersecurity in an organized and systematic way. The vectors for attack have changed little - the back doors, flaws, weak points, and compliance gaps - they’ve just accelerated and become more widely distributed.

A validated framework - NISC or NIST - can help to secure an organization to a greater degree. But there is no such thing as 100 percent secure, so an equal focus must be placed on rescue and crisis response to mitigate damage in the event of a breach. Whereas similar processes and procedures are often completed merely as box-ticking exercises for compliance or insurance purposes, business attitudes are slowly beginning to shift towards every stakeholder being actively engaged in securing the business and being aware of their own role in that ongoing process.

A mindset pivot

We need to move from the old static risk evaluation approach – a focus on compliance box-ticking – to a new dynamic risk evaluation approach of damage-based assessment. This would have the effect of moving our world view from one of Cost of Security to Probability of Harm, a far healthier and more productive way to view risk assessment and evaluation in an organization.

Risk evaluation can only take this more dynamic form once there is clear visibility and the ability to influence, action and enforce cyber security objectives. This applies to both human and non-human identities in the workplace, as well as understanding how, when and why suppliers and other partners access an organization’s digital environments. A SailPoint survey into the State of IaaS found that 74 percent of companies are currently using more than one IaaS provider, a trend that has made keeping tabs on access more difficult for organizations to manage by themselves. Linking up visibility over multiple infrastructures can therefore mitigate a range of compliance gaps.

The challenge intensifies when we consider that security end points are now considerably more distributed than before. This is where technologies like automation and even AI-driven algorithms which apply cybersecurity policies quickly and in context can help. By taking some of the manual workload off security teams, the security strategy of an organization can be the best of human and machine approaches – both data-driven and people powered.

Business critical

The result is a security strategy that permeates all levels of an organization. The manner in which people and their identities are defined, secured, activated, and distributed across the company’s operational and management systems is central to building up cyber integrity and potent defenses against risk and threat. It also serves to maximize the value each user can create and capture, the commercial dynamism they can generate and the innovation they can drive. The speed and security with which users can both access and then move in through and around any organization and its data is critical to maintaining an optimal flow state for the organization – key to maintaining or gaining competitive advantage.

We can clearly see that identity intersects with the operational and management systems of a modern organization. The cyber health of any business therefore increasingly relies on the management board both understanding the complexities and potential impacts of substandard security - and acting upon what improved cyber security demands of them as a matter of high priority rather than executive discretion. A s the value of cyber insight and expertise becomes more evident, we may see a shift in the nature of leadership, starting with an upskilling of management teams. We can also expect to see the prominence of the CIO increase even further in coming years. As they move away from being an operations-only function, they will become a key value driver for the business and leading essential relationships. Their ability to evolve an organization’s work with customers, partners, suppliers and even government representatives such as regulators will help unlock innovation.  

Conclusion

How we turn our humanity to our advantage will be key to ghosting the hackers; we cannot rely on technology alone to solve our cybersecurity challenges if those systems cannot understand us. Systems will always only be as strong as the governance and management of every individual user. What’s more, with many industries underpinned by distributed supply chains that span the world, those systems are becoming ever larger and more complex. 

For all these challenges, the current industry mood is Do Not Despair. The very humanity that creates the possibility of threats and attacks also offers the solution and the barricade to further breaches. We just need to use our humanity as a strength and embrace it to help us succeed and reap the rewards of digitalization.

Steve Bradford, Senior Vice President EMEA, SailPoint

Steve Bradford is the Senior Vice President EMEA at SailPoint, leader in identity security for the cloud enterprise.