Divide and conquer the threat landscape

One of the greatest successes of effective policies and effective security teams is that they make security a company-wide responsibility. Security teams need the ability to enforce policies when necessary but they also can’t spend all their time chasing down employees breaking the rules. That’s why it’s critical to do two things: ensure you have a way to easily monitor employee activity and shift responsibility for the company’s security into the hands of every employee and team.

do little to dissuade the employee from using non-approved software and services in the future.

Finally, it could be the complexity of modern networks posing a challenge. Most employees have multiple corporate devices; cloud and SaaS applications create more areas of the network that need monitoring; and BYOD further expands the attack surface.

While not impossible, it may be too challenging and complex for security teams to enforce these policies on top of their other responsibilities and without affecting business productivity.

www.intelligentciso.com | Issue 14

You can’t enforce what you’re not aware of, and while some might raise concerns over privacy, there are sophisticated security tools that can provide visibility into employee activity without raising privacy concerns. New tools powered by Artificial Intelligence are able to identify suspicious activity without diving into the contents of emails or documents but instead by mapping out normal behaviour for every employee.

Visibility can help ensure that policies are enforced equally and the AI is able to quickly respond with an autonomous action when policies are being broken – ultimately ensuring that senior staff, whose actions can have the largest impact, are also held accountable.

One CISO I spoke to recently told me that the biggest benefit of gaining visibility into his network was the open lines of communication it had created between employees and his security team. He said now employees know that someone on the security team is monitoring their network behaviour. Upon breaking policy, they’ll expect to get an email from his team explaining the risks and asking for their support in the future. He described it as helping him to create a ‘culture of compliance’ within his organisation.

A set of policies might be put in place to appease executives or board members but an IT team not supportive of the initiative could have no actual intention of implementing them.

When the responsibility for cybersecurity is shared by employees outside the security team, policies that were once perceived as a nuisance can evolve into something respected by all.

Showing employees the consequences of their actions and holding them responsible can bring to light their role in ensuring the company is secure. In doing so, security policies will no longer be thought of as rules that were made to be broken, and the organisation will be more protected.