Johannesburg, 03 Oct 2018
Transparency is the cure to the disease that is corruption. In our hyper-connected world, where we generate 2.5 quintillion bytes of data per day, we potentially have the information we need to legally foster transparency, says Tallen Harmsen, head of cyber security at IndigoCube.
We can use technology in three ways to foster transparency in our organisations, both public and private:
1. Transparency through data
Big data is not a new tactic, but it helps us be faster and more efficient. We need the analytics engines and tools today to help us bring all the data together for analysis. Data is currently generated, stored and consumed in a wide number of formats and, while there are initiatives to create a standard, it isn't yet available.
We need to analyse data from a wide number of sources, with the ability to ingest third-party intelligence, to gain transparency of our organisations, processes, events, people and more. And we have to do it in near real-time, because it's no good discovering corruption years down the road. We have to try to pin down the connections, the patterns, the links that exist between the different pieces of data, like detectives finding a killer using all the clues, maps, forensics, victim routines, and more. We can use big data to automatically map associations and links between people, accounts, locations, times, activities and so on.
2. Accountability through behaviour
We are creatures of habit. We run on routine or patterns, which create baselines for predicting or flagging deviations or code of conduct infractions. We can create surprisingly sophisticated baselines that allow us to detect compromised social media or business user accounts, standard accounts used for fraudulent or corrupt activities, or privileged account abuse by people trying to avoid accountability.
We could see, for example, when a long-time employee's behaviour suddenly changes that results in a warning from HR. It creates a flag in the system. Another flag is raised when she uncharacteristically arrives early and leaves late one day and, during those hours, attempts to access a system for which she is not authorised. Minutes later, the computer of a colleague who is authorised, who happens to be on leave, is used to access the system. Network traffic from the system is then also flagged and it's learned that the machine is being used to transfer sensitive corporate data to an unsanctioned cloud file storage service. These flags together alert someone that suspicious behaviour is under way and requires closer inspection.
How many of us monitor this level of activity and behaviour on our networks right now? How do we know that our employees aren't putting our businesses at risk? And are we monitoring shadow IT, which could be an enormous hole in the system?
3. Threat intelligence
Right now, most of us use about 20% of the Web. Beyond Google, Bing and everything connected to them and other legitimate search engines lies the dark Web. For most of us that means a dark and scary place, but the reality is that only a limited portion of it really is. However, it is home to underground sites like Silk Road used for drugs, extortion, and other nefarious deeds. These are the places where hackers go to chat, discuss their endeavours, get advice, share information with one another, do deals, and boast of their exploits. Imagine being a fly on the wall in places like Silk Road. You could use the 'intel' to arm your business against hacker threats, fraudulent behaviours, leaked identities, vulnerabilities, compromised credit cards and bank accounts, health records, and more.
I have seven questions to help you begin securing your business against corruption and other fraudulent behaviours:
1. Do you know of threats outside your walls or do you look internally only?
2. Do you put resources into your security?
3. Do you collect the right data?
4. Is there a process outsiders can use to alert you of data breaches?
5. Are you proactive?
6. Have your users gone phishing?
7. Do you know what threats are out there and can you deal with them?
It's also important to remember that a lot of corruption doesn't occur within our borders. It's digital so it occurs anywhere. And it occurs in many other languages, such as Korean, Russian, standard Chinese, and others. Our intel feeds must be able to translate it.
We must also remember there is no silver bullet to fighting corruption and the many cyber security issues that plague modern organisations. But, every step we take is another step in the right direction. Right now, we must have visibility into what activities occur in and around our businesses so we can begin to stop the bad ones.
Share