Page 50 - Cyber Defense eMagazine February 2024
P. 50
Weighing Down Cyberrisk Options: How to Make
Objective Cybersecurity Decisions Without Negatively
Impacting the Organization’s IT Teams?
By Mike Starr, CEO of Trackd
It’s often paid lip service to (or worse, intentionally neglected), and rarely appreciated, but there’s an
operational cost to be paid for security. Security controls create inefficiencies, and those security
measures can also introduce operational risk. By way of example, I recently came across an intriguing
new anti-malware product that uses behavioral analysis to predict when file encryption is unauthorized,
and therefore indicative of a potential malware attack. When it identifies such a scenario, it locks the
encrypted files and those with access to them. Although a valuable backstop against perhaps the most
common attack today, there is an undeniable operational risk that a false positive could temporarily deny
file access to legitimate users, impacting the organization’s productivity. In this case, likely a small price
to pay for a critical layer of security, but it’s important to appreciate that the operational cost is finite, and
the risk is non-trivial.
Cyber Defense eMagazine – February 2024 Edition 50
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.