What is the most effective method of data protection for the enterprise?
This is a question that must plague those in charge of an organisation’s data and security. There are so many solutions out there, and there is certainly no ‘silver bullet’ for cyber security. What is a CTO, CISO or CSO to do?
There isn’t one solution
There isn’t one solution or method to cyber security, explained Jason Hart, CTO of Data Protection for Gemalto.
“The best solutions vary depending on the nature of an organisation, the data it stores and the industry it operates in. For any business, what’s most important is being aware, by understanding the types of data it stores, and which bits need to be protected.”
>Read more on The Gemalto CTO: Beating ‘cybercriminals at their own game’
“Before it even thinks about the solutions it should be using, a business needs to know what it’s trying to protect and where it sits. Unless it does that first, there’s no guarantee that any solutions put in place will be fit for purpose.”
Security solutions can include two-factor authentication, encryption and key management. These technologies and services – if applied in the right setting – can help businesses authenticate identities and protect data. This will improve the protection of the increasing number of personal devices, connected objects, in and between the cloud.
The changing cyber security landscape
In an ever-changing cyber security landscape, how you protect your business also changes. It is not a case of implementing a security solution and leaving it. Security should be reviewed on a continual basis.
But, why is the cyber security landscape changing at such an explosive rate?
>Read more on Cyber security best practice
Aside from the creativity of hackers, their grievances towards corporate greed and their draw to anarchy, the rise of the IoT has contributed to the changeable security space.
The increase of IoT devices has created an ever-expanding number of entry points for hackers to access a network through.
“Unfortunately,” said Hart, “many IoT devices only have default passwords in place to protect them, and these can often be easily guessed by hackers looking to gain access to the device. This means there are potentially billions of connected devices which are exposed to hackers, who can use them for everything from data manipulation to launching DDoS attacks.”
Change your attitude to security
The IoT boom, and subsequent security risks, means that businesses across industry have to change their attitude to device security.
“It’s not just the devices themselves that need to be protected, the whole data life cycle becomes vulnerable if a device is breached,” said Hart.
“Data must be protected from the point it’s created, through any devices it’s exposed to, and finally to its resting point. If at any point there is a vulnerability, then data may be altered or stolen – rendering it useless to the organisations or people that depend on it.”