Keeping up with increasing security risk of mobile-cloud era

By Christo van Staden for Forcepoint
Johannesburg, 01 Jun 2018

Christo van Staden - Forcepoint Regional Manager: Sub-Saharan Africa says if one looks at how cybersecurity has traditionally been approached up to this point, it's centred on threat-centric responses.

The two mega-trends of cloud-based applications and mobile devices have been a boon for company productivity, agility and innovation. The mobile-cloud combo empowers employees to work and be productive literally anywhere. However, the mobile-cloud era has created a conundrum for cyber security teams.

Christo van Staden, Forcepoint Regional Manager: Sub-Saharan Africa, says if one looks at how cyber security has traditionally been approached up to this point, it's centred on threat-centric responses.

"You built a wall around your perimeter, controlled access in and out of that wall, and when something bad happened, you responded. That was effectively your defence, and it was relatively easy to implement," he explains.

Today, the traditional perimeter has dissolved, primarily because of two changes within the enterprise: the rise of the mobile employee and the wide-scale adoption of cloud services. By the same token, cyber activity, once easy to define as "good" or "bad", has become nebulous.

This poses a crushing problem to threat-centric security, whose static policies are forced to make decisions about cyber activity with no insight into its broader context. The result is a disproportionate number of flagged activities, overwhelming security teams who have no way to understand the ones most worthy of investigation.

He says today's data protection options are limiting. "IT security protects data in different ways, using a variety of different tools. These tools are designed to do the same thing, protect data, but none are really that effective."

"That's because they use static, threat-centric policies to block or allow access to data. That was acceptable when everyone worked within a perimeter. There are issues with siloed tools as well. An effective solution should cut through the noise of alerts and highlight early warning signals to prevent the loss of important data," he adds.

However, there is a new paradigm. Instead of trying to extend the traditional, event-centric approach by adding more layers or crunching more data, one needs a paradigm shift that places human behaviour at the centre of cyber security.

Cyber security professionals need to focus on two constants, people and data, and where the two come together to conduct business.

"It's much easier to classify an action once you understand why someone took the action. This is at the core of increasing the efficacy of security organisations. Prepare for the next level in user and data security with the integration of the market's most powerful endpoint and user behavioural analytics," he concludes.

Forcepoint (www.forcepoint.com)

Forcepoint is the global human-centric cyber security company transforming the digital enterprise by continuously adapting security responses to the dynamic risk posed by individual users and machines. The Forcepoint Human Point system delivers risk-adaptive protection to continuously ensure trusted use of data and systems. Based in Austin, Texas, Forcepoint protects the human point for thousands of enterprise and government customers in more than 150 countries.

Editorial contacts