The scope of cybercrime continues to grow with increasing sophistication as do the tools to combat that crime. Yet breaches are still as much of a risk as they ever were. Providing technology solutions that work the way people work is at the heart of our business and our cybersecurity solutions are no exception, which is why we have partnered with Tessian and Arctic Wolf, who have both developed machine driven security solutions to help address the human risk element of your security processes.
At the first in our Autumn series of events, both of these businesses explained their innovative approaches to tackling this problem.
The state of Data Loss Protection (DLP) and the human layer approach
Specialists in email security, Tessian use behavioural intelligence modelling help protect employees from themselves. Their research highlights that data loss incidents happen 38 times more often on email than IT leaders think and that often the first line of email defence is often missed and reliant on how effectively people use email. In addition, incidents like account takeovers are more successful in legal and professional firms and financial services.
Tessian argue that the approach to DLP needs to change. It is too admin heavy and email is the biggest risk area. By addressing the human layer of email use rather than the email data itself, they can significantly reduce the risk of cyberattack or data loss.
Their approach risk scores individuals across the business over a period of time, taking into consideration a number of factors including keywords, current email behaviour and individual risk of being targeted by malicious email, with their product suite addressing both inbound and outbound email for different reasons.
The beauty of Tessian’s tools is that for the user, the notifications are relevant, non-intrusive, simple and straight forward and cut through the tech jargon, providing context and useful next steps for the user to address the issue effectively.
For IT and compliance teams it gives them a dashboard view of the areas of vulnerability across the business, where they would have been reliant on the users to pass them that information in the past. Providing them with the ability to pinpoint areas to address through remediation or training. Clients who use the tools have also seen changes in user behaviour where they have become more considered of their use of email over time.
Cybersecurity has an effectiveness problem
Arctic Wolf take a different approach with their machine learning. They argue that the effectiveness problem doesn’t lie in the tools used to detect the problems but through alert fatigue that comes from businesses not having the time, people or processes to pinpoint the breach. Their switch in thinking comes from shifting from a tools mindset to an operational mindset. Alerts are all well and good but if there is not enough people to respond to it or know which one to address first then your business is still left vulnerable.
Using a cloud-native security analytics platform, Arctic Wolf centralise data from all possible sources relating to a business’ network and security including the dark web. By stitching together logs, other MI and threat intelligence are able to find and prioritise the real threat alert. This reduces threat and data breach detection from 6 months to an incredible two minutes!
Arctic Wolf then provide a concierge security team to work with you to remediate faults, weaknesses in your environment and help with recovery. Machine learning can take you so far but combined with human insight analysis, they are able to provide an holistic view and precise remediation.
Training rethink needed
Both Tessian and Artic Wolf also pointed out at that traditional training for users on cybersecurity is not hitting the mark. They identified that after training every 1 to 3 months employees are still twice as likely to send company data to their personal email accounts and will still make basic mistakes when it comes to identifying phishing emails or sending to the wrong person.
So training needs to become contextualised using things like in-the-moment training where they need to think on the spot and behavioural ‘nudge’ techniques to change mindsets. Using gamification and dark web monitoring so users can improve their behaviour and have a better understanding of the risks as it applies to them also takes away the false security around the ‘it won’t happen to me’ effect.
If you have sleepless nights over data loss in your business or feel you are being overwhelmed by alert fatigue, then please speak to us to find out more.