[Editor’s note: This guest post comes to us courtesy of tech consultant Rick Delgado. To submit guest articles email erik@bernsteincrisismanagement.com]
As the ever changing cyber security threats continue to rise, businesses are eager now more than ever to protect their company networks, computer systems, and confidential information. Having a strong cyber security program is necessary for developing and conducting the right safety measures that will ultimately protect an organization’s data, resources, and assets. However, in addition to the advanced techniques of hackers, with more and more devices that are adopted by businesses creating their own data, storing personal information, and coming equipped with internet capabilities, there are more routes available for hackers to access this information and therefore more opportunities for a business to experience a security breach.
It is important that businesses and other institutions have access to the best talent and technology in order to keep up with and surpass the efforts and persistent threats of cyber hackers. With these constant shifts in technology, whether they be improved data storage or intelligent video analytics, traditional security protocols are just not enough anymore. As businesses look for new security solutions to invest in, they should consider approaching their cyber security efforts in a more methodical way. Specifically, businesses need to find methods that allow for adequate time to perform security monitoring measures without slowing down networks or interfering with a user’s experience. Here are two systematic techniques businesses can use in their cyber security criteria.
Second-Level Screening
Security monitoring and network gateway devices prove to be some of the most fundamental tools within a business’s information security system. However, in order to keep everything running smoothly, these programs are often required to make judgement calls very quickly. While these indicators are fast, they can also be unreliable. This rushed decision making process can lead to errors, both with rejecting clean files and admitting malware. In order to prevent misjudgments but still allow for a speedy detection process, businesses should invest in security architectures that rely on second-level screening processes. Using an additional screening procedure allows for files that originally passed through the quick scan to be examined more carefully. This second screening can use slower but more reliable processes such as detonation, static analysis, and other methods to ensure better and stronger security systems. If infected files did have the opportunity to make it past the original scan, second-level screening will be able to alert a business of this breach, giving them the chance to respond and recover from any damages before they are too severe.
Isolated Web Scanning
Just as using a second-level screening process allowed for slower but more efficient analysis of incoming files, it is important that cyber security monitoring systems have more time when interacting with the web. Traditionally, security systems were able to protect their network from malware sent through email, however, many cyber hackers are now using infected links to the web within emails instead of directly inserting malware. Some security systems attempt to scan these links, but unfortunately these sites can detect when these scanners have accessed the link and can either create complex pathways or present a clean site. In order to protect a business from malware accessed through the web, organizations need to invest in security programs that isolate the browser from the data flow and its movement of the file to the desktop. This separation can keep this data contained while the security monitors have time to analyse and detect whether or not it presents a threat. Incorporating this method of isolation allows for data to be processed without affecting a user’s experience on the web. Additionally, this security protocol only needs to scan files that the user wants to save.
Approaching your cyber security program with these two methodical ways in mind will allow your security systems more time to analyze incoming data and provide more accurate results. By investing in systems with second-level screening and isolated web scanning abilities, businesses will be able to be better prepared for security threats. As data breaches become more and more sophisticated over the years, they also become more complex and expensive. It’s estimated that over the past few years, the average cost of an information breach has increased by 29 percent. It is important for businesses to remember that it is far less expensive to prevent a security breach than it is to pay for the damages of one.
Rick Delgado is a business technology consultant for several Fortune 500 companies. He is also a frequent contributor to news outlets such as Wired, Tech Page One, and Cloud Tweaks. Rick enjoys writing about the intersection of business and new innovative technologies.
Jonathan L. Bernstein, founder and Chairman of Bernstein Crisis Management, Inc. has more than 25 years of experience in all aspects of crisis management – crisis response, vulnerability assessment, planning, training and simulations.
Erik Bernstein is president of Bernstein Crisis Management. Erik started with BCM in 2009 as a writer and subsequently became social media manager for the consultancy itself as well as for a number of BCM clients before moving to the president position.