Thales Blog

CISOs Are Focused On Defending The Perimeter, The Real Threat Lies Within

May 6, 2014

In my last post I outlined the difficulty organizations are having in preventing insider threats, despite increased incidents and awareness. Much of this stems from the nature of the “privileged user,” which changes as organizations grow, requiring additional access at a time when their own corporate networks grow increasingly complex.

Right now CISOs are spending up to 80% of their security budget on perimeter defenses such as anti-virus software, firewalls and limiting outside connections to the network. The problem is that over half of respondents to Ovum’s recent report shared that their biggest concern is not outside threats but rather everyday users with network access. Options to limit user threats include limiting access or making users work in a virtualized environment. Both of these options are typically quickly shot down as they slow down productivity and lead to employee dissatisfaction.

It’s wrong to assume that an insider threat will likely come from a disgruntled employee out of a bad hacker movie or one whose credentials where compromised because they clicked on a link about dancing cats. As the same report notes, half of UK-based businesses said that “privileged users,” those being admins and network specialists, actually pose the biggest threat because their compromised accounts can cause the most havoc. Not the most confidence—building thought regarding who’s taking care of your data.

As it turns out the best way to safeguard your data is to actually increase the protection directly around it: inside the perimeter. That means encryption and transparency, which is exactly what Vormetric’s two pronged approach recently won an award for. CISOs need to:

  • Protect your data with encryption and limit access to those who need it when they need it
  • Log and monitor who and what accesses your data to spot potential compromises

The above doesn’t change much when it comes to a cloud environment, which a recent Bitglass report showed is having a slower adoption rate than originally thought because of—surprise—security concerns. Respondents of the report have increasingly become afraid of stormy cloud computing weather, a fear that has grown by 42 percent from 2011 to 2013.

But just like the need to adapt to insider threats, companies have to adapt to similar challenges in a new environment, especially to keep from having to play catch up in. A cloud security solution calls for two things: scalability and simplicity.

  • Scalability—Make sure your security solution can scale, easily encrypt and doesn’t hinder performance.
  • Simplicity—a monitoring system should be put in place that is both simple, reliable and works on a variety of environments.

Overall, CISOs should be focusing more on best securing company data from within. A central management approach with visibility, specified access and encrypted data is what will best thwart growing insider threats. With encryption becoming increasingly easier to implement, there’s really no excuse for not protecting your data, regardless of where it is.