Page 134 - CDM-CYBER-DEFENSE-eMAGAZINE-December-2018
P. 134
example, an intern accessing the CFO’s files at 3am from an IP outside the office -- the company in
question will be alerted to the relevant risky or uncompliant behaviour.
Still, technology alone is never enough. Cyber crime used to be an elite activity, carried out only by those
with the appropriate coding skills, often targeting stationary endpoints. These days, with everyone
carrying mini-computers in their pockets, anyone can hire a hacker or try to sell company data from the
inside. Consequently, when humans are the perimeter, -- human security teams empowered by machine-
learning technology prove to be a formidable threat hunting force.
To this end, a robust company-wide education programme that encourages an open culture of security
is vital for keeping data secure. As well as regular and interactive staff training, even retro approaches
such as posters stuck onto office walls can help. Above all, the blame culture of IT security needs to
change, so that insider threats can be spotted and managed before they cause extensive damage.
Organisations that don’t silo security -- instead fostering a collaborative approach between IT, the C-
suite, and all other employees, educating and making everyone accountable -- will reap the most rewards
and stand the best chance of safeguarding themselves in this perimeterless world.
About the Author
Jamie is the VP of Product Management, Security Analytics, at ZoneFox
– a company recently acquired by Fortinet – which focuses on detecting
insider threats and other fraudulent activities by examining human
behavior using machine-learning. He spun the company out of his PhD
from Edinburgh Napier University. https://zonefox.com/
134
