The world of information security is a constant battleground between the good guys and the bad guys; as soon as one side gains an advantage, the other finds a way to counter it. It is a complex chess game of move and countermove, carried out without the opponents ever seeing each other.
In recent years, the security side has been looking to new technologies to make it harder for systems to be attacked. This has led attackers to shift their focus to the human angle and social engineering attacks.
The security industry is countering this with a move towards behavioural analysis; for example, if a user suddenly signs in from a different device or location, this could be an indicator of a compromised password. Similarly, accessing data in an unusual way or copying large amounts of data could be signs of an attack. As behavioural analysis systems become more sophisticated and use the so-called ‘deep learning’ of user activity, they can even spot differences in the way the mouse is moved or the keyboard is used to establish whether someone different is using a machine.
Protecting through hardware
Endpoint security management systems from a supplier such as promisec.com can do much to guard against attacks by guarding devices from intrusion. Increasingly, manufacturers are building in technology that can verify devices.
Intel’s Authenticate solution, for example, can sign devices into networks securely using the device itself as part of the process, cutting out the need for vulnerable IDs and passwords. This is particularly important for securing IoT devices, which historically have had lower standards and have thus been more vulnerable to attack.
One of the key motivations of hackers is to monetise data, either by locking it up to demand a ransom or by selling personal details and intellectual property on the dark web. Businesses are increasingly turning to encryption to keep their data safe; if data is encrypted, it can be safely and securely moved around the organisation but is useless if it falls into the wrong hands. Even if attackers breach the network, they are unable to monetise the stolen data.
Implementing encryption also helps businesses to comply with legislation such as the General Data Protection Regulation (GDPR) and ensure they remain compliant in the way they protect personal data.