Consider Cyber Security To Be A Person Versus Person Battle And You Will Win – Charles Leaver

Written By Michael Bunyard And Presented By Charles Leaver CEO Ziften

Cyber security is all about people versus people. Each day that we sort through the latest attack news (like the current Planned Parenthood breach) it becomes increasingly apparent that people are not only the problem but, in many ways, also the solution. The opponents come in different categories, from insiders to hackers to organized crime and State sponsored terrorists, but at the end of the day it’s individuals who are directing the attacks on organizations and are therefore the problem. And it’s individuals who are the main targets exploited in a cyber attack, usually at the endpoint, where people access their connected corporate and personal worlds.

The endpoint (laptop computer, desktop, smart phone, tablet) is the device that individuals use throughout their day to get their tasks done. Consider how often you are connected to your endpoint(s). It’s a lot, right? Not only are these endpoints susceptible (see the Stagefright Android vuln for a good example), the people at the endpoint are typically the weak link in the chain that gives attackers their opening. All it takes is for someone to open the wrong e-mail, click through to the wrong website or open the wrong file, and it’s game on. Despite all the security awareness in the world, individuals will make errors. When talking about the Planned Parenthood breach my colleague Mike Hamilton, who directs the product vision here at Ziften, provided a really fascinating insight:

“Every organization will have people against it, and now those people have the methods and objective to interrupt them or take their data. Leveraging existing blind spots, cyber criminals and even hackers have easy access through vulnerable endpoints and utilize them as a point of entry to conceal their activities, avert detection, make use of the network and victimize the targeted organization. It is now more crucial than ever for companies to be able to see suspicious behavior beyond the network, and definitely beyond merely their web server.”

People Powered Security

It makes sense that cyber security services ought to be purpose built for the individuals who are protecting our networks and keeping track of the behavior of people as they use their endpoints. But generally this hasn’t been the case. In fact, the endpoint has been a virtual black box when it comes to having constant visibility of user behavior. This has caused a lack of information about what is really taking place on the endpoint, the most susceptible part of the security stack. And cyber security services certainly don’t appear to have the people defending the network in mind when silos of disparate pieces of information flood the SIEM with so many false positive alerts that defenders cannot tell the genuine threats from the benign.

People powered security allows viewing, inspecting, and responding by analyzing endpoint user behavior. This needs to be done in a manner that is painless and quick because there is a substantial shortage of skills in companies today. The best technology will enable a level one responder to deal with the majority of suspected threats by putting basic and succinct information at their fingertips.

My security master coworker (yeah, I’m fortunate that on one corridor I can talk with all these folks) Dr. Al Hartmann says “Human-Directed Attacks require Human Directed Response”. In a recent blog, he nailed this:

“Human intelligence is more flexible and creative than machine intelligence and will always ultimately adjust and defeat an automatic defense. This is the cyber-security version of the Turing test, where a machine defense is trying to rise to the intellectual level of a skilled human hacker. At least here in the 21st Century, machine learning and artificial intelligence are not up to the task of completely automating cyber defense; the cyber attacker undoubtedly triumphs, while the victims lament and count their losses. Only in sci-fi do thinking machines overpower people and take over the planet. Don’t subscribe to the cyber fiction that some autonomous security software will outwit a human hacker enemy and conserve your organization.”

People powered security empowers a well-informed, dynamic response by the people trying to thwart the opponents. With any other method we are simply kidding ourselves that we can keep up with opponents.