Creating the Cyber Fortress
Experts Share 7 Habits of Unassailable Organizations
It doesn’t matter how advanced your security technologies and tools are. Without proactive planning, action and oversight, the workplace is an open door to cyber bad guys.
With the right combination of ‘people smarts’ and technology, however, breaches can be quickly found and brushed aside before the organization suffers millions of dollars’ worth of damages, Raytheon experts say. Here are some of the principles they're using to help smart enterprises use to become cyber fortresses:
Fend off the couch surfers
“Would you rather have 100 threat actors in your network for one day or one threat actor in your network for 100 days?’ ” asked Ed Hammersla, president and CEO of Raytheon Cyber Products.
Intruders can do more damage the longer they have to poke around. Called “dwell time,” it begins the moment attackers first enter a network and it doesn’t end until they are ejected.
Threat actors spend an average of 229 days inside a network before being discovered, adding much to the $5.85 million average cost of a breach in the U.S. – the highest of any nation. IT teams must employ detection, analysis and ejection techniques to reduce the time a compromise lingers.
Beware the unkindness of strangers
“Look at all of the endpoints and all of the connections” in your network, said Steve Tessler, cyber analytics engineer for Raytheon Cyber Products. “You’ll find out who has been communicating with what. If a machine is connecting with another machine from, say, China – but you don’t do any business in China – that’s something you’d want to investigate further.”
You observe a lot by watching
Monitor every endpoint in a network, gather as much user interaction data as possible, and analyze the results on an ongoing basis. That gives you a much better chance of detecting an attacker before they can do any damage.
There are tools for that. The Raytheon Data Clarity Platform, for example, gives security teams a view of a wealth of ongoing network activity, and can zero in on behaviors that pose the most risk.
Those who sacrifice too much liberty for security may end up with neither
“Organizations need to save money while protecting data,” said Chris Finch, senior architect for Raytheon Cross Domain Solutions. “Those are the big drivers for our technology. But we also have to allow users to do their jobs.”
Instead of being seen as strictly as a “tech thing,” data security must be treated as an integral support to business objectives. Raytheon offers Trusted Thin Client to separate and protect data while allowing employees to use it.
Fraud is personal
Frank Abagnale, the con man subject of the movie “Catch Me If You Can,” observed that it’s much easier to commit corporate fraud now than it was when he forged checks until his capture in 1969.
“Back then, I needed to go through extensive typesetting, printing and other steps to do this,” he said during the 5th Annual Raytheon Cyber Security Summit in Reston, Virginia. “Today, you only have to call up a corporate website, copy the logo and commit fraud.”
Everyone into the data pool
Look for opportunities to pool security information to detect threats that may begin or end beyond you.
With Raytheon’s help, the state of New York has built the Digital Information Gateway (DIG), a customized, browser-based product that allows state law enforcement agencies to pull together information on a single subject from all available sources.
It recently helped apprehend a gang that committed 18 “smash-and-grab” burglaries at retail locations in seven New York counties.
“They’d go to one convenience store, take part in a smash-and-grab, and then travel 100 miles and do it all over again,” said Les A. Hoffman, program manager of the state-run Crime Analysis Centers. “Without DIG, we would have never seen the same pattern coming up in all of these different jurisdictions.”
Security is Job One
“It’s the culture that will enable you to do the things you need to do,” said Jeff Brown, Raytheon’s Chief Information Security Officer.
Because there is no single process or technology that can prevent data security issues, organizations should cultivate a culture of intelligence-gathering, collaboration, innovation and employee awareness. To get everybody on board, executive leaders must show passion for these efforts.