Six principles for modern data security

NOTE: This is part 1 of a two-part look at the principles of modern data security.

Hacking and data theft are at an all-time high. The details and number of attacks, as well as, the ongoing prevalence of data theft are readily available to the reader. No industry is immune to breach or hack.

But the reasons for the massive surge in attacks are slightly more complicated. Advances in technology, availability and accessibility to tools, the prevalence of the dark web, and the growth of the social economy are all contributing factors to the outpouring of attacks.

Ultimately, the problem stems from the historical design of networks and the supporting infrastructure. Networks were designed using the “castle model”. The electronic ends of the network (i.e., your domain) represent the castle’s “technological” walls. Firewalls, malware detectors and intrusion detectors are the guarded gates of your domain. Defending in this scenario was easy when you saw the attack coming, and when attacks were limited to specific and repeated methods and were far less sophisticated.

But now that network castle is under siege. Hackers are swimming across the moat, firing flaming catapults. They are at the gates with a Trojan horse. Attacks are rampant, sophisticated, unique, and targeted—often infiltrating from within using domain administrators’ credentials.

Hackers are using increasingly complex algorithms as well as rudimentary techniques to breach organizations. In many instances, attacks even originate from internal resources by individuals simply not employing good cyber practices.

Hence today’s widespread problems.

Government agencies and commercial organizations alike need to address these compounding problems by securing the perimeter of their agency or organization, which many have started to do.

More importantly, they must secure the data, which is the real treasure. Data is what hackers and non-hackers want to obtain – to sell, hold for ransom, manipulate, and steal.

A holistic assessment of your organizations cyber security posture is critical. Cyber security cannot be an afterthought. All architecture layers should be assessed to ensure appropriate controls are put into place as applicable. Data level security is paramount and needs to be protected with more urgency.

Organizations should be going a step further to track real-time user behavior analytics and pervasive artificial intelligence to learn threat and risk behavior patterns and optimize outputs and alerts accordingly. Appropriate data protection can address most, if not all, of today’s hacks and breaches. A true cyber defense needs to consider end to end data intelligence and incorporate the following attributes:

• Solutions designed to track data across all platforms and domains, should provide the data owner with a full audit history, and data access is controlled, or rescinded by the data owner.
• Data ‘provenance’ including access by user, device, and identification of the data, over a duration of time.
• Establishing an enterprise wide view of data, access, control, and reporting.
• Provide a ‘single pane of glass’ security, control, audit and reporting. Exportable data for report generation, or automatic integration with other reporting systems or SIEMS
• Real-time analytics on user behavior
• Strong consideration for quantum proofing data

The high-level guidance on the core tenants of a robust data security solution are critical to institutionalize within your agency or organization immediately, protecting your data kingdom. In part 2, I discuss the technical considerations necessary to securing data.