As the waves of ransomware hitting the shores of companies around the world prove, today’s cybersecurity balance still tips toward the bad guys.
The odds are stacked against the good guys, as they need to mitigate all threats, whether they be against their networks, brands, or physical locations, while the hackers simply need to exploit a single vulnerability.
It doesn’t help that in today’s cloud-enabled, software-defined world, enterprise threat surfaces are expanding well past the traditional corporate perimeter, offering malefactors a welcome mat for their mischief.
Cybersecurity vendors are doing their best to help their customers understand and mitigate these threats, and newer technologies like big data and artificial intelligence are maturing, rapidly bringing new capabilities to enterprise cybersecurity solutions.
Yet the bad actors are still winning. They realize that enterprises are gearing up, but just like burglars casing a gated community, the cybercriminals realize they only need one house with a disarmed security system to make a score.
Just so with enterprise cybersecurity: the weaknesses are usually all too human. Humans falling for phishing attacks. Humans delaying the installation of critical security patches. Humans choosing insecure passwords. The list goes on and on.
Better technology can certainly help with such human weaknesses – better automation, better AI, better software overall. But machine-readable threat intelligence alone cannot detect and mitigate all the cyberthreats that today’s enterprises must deal with on a daily basis.
The Missing Piece of the Cybersecurity Puzzle
The missing piece of the puzzle is itself human: human expertise and ingenuity on the side of the good guys, working to stay one step ahead of the hackers.
Humans with the best tools at their fingertips – threat intelligence platforms to help sift through data and threat mitigation engines to automate blocking known bad actors – but also the skills, time, and attention necessary to make the most of such technology.
CISOs generally realize the importance of the human element in an adequate cybersecurity defense, of course. Their problem isn’t understanding the need, it’s filling the seats with qualified people.
Indeed, cybersecurity analysts are in desperately short supply – a shortage that has several ramifications for enterprise security. It drives up the cost of such people, and the ones a CISO is able to hire will likely be overworked and underskilled – a combination that ends up being a recipe for disaster.
LookingGlass Cyber Solutions is among a small cadre of vendors that is tackling the human side of the cybersecurity challenge.
LookingGlass offers technology that automates the collection and analysis of threat data – but the technology part of its offering is only part of the story.
LookingGlass also staffs a 24 x 7 crew of cybersecurity experts that analyze global cybersecurity threats on a continuous, real-time basis. This team – the LookingGlass Watch Desk – keeps tabs on known and emerging threats around the world, combining deep cybersecurity expertise with modern tools to deliver high-importance alerts within minutes of the detection of a suspicious event.
In conjunction with its Watch Desk, LookingGlass maintains a Special Investigations Unit (SIU) and Cyber Threat Intelligence Group (CTIG). Both teams leverage a vast database of available intelligence to conduct deep-dive investigations and analyses into information and physical security threats.
The Intellyx Take
The connotation of the ‘cyber’ prefix suggests that cybersecurity is a technology problem with a technology solution. However, technology is only part of the story. In reality, cybersecurity is a battle between people – bad actors on one side and the personnel at the companies they seek to compromise on the other.
True, both sides of these battles use technology, and in some cases, the best technology wins. For comprehensive threat prevention, however, enterprises must bring the human element to bear in order to beat the hackers at their own game.
In today’s resource-constrained business environment, staffing an adequate team of cybersecurity experts may simply not be possible – or at the least, can be quite expensive.
Threat prevention services that combine the latest technology with teams of seasoned cybersecurity experts like those from LookingGlass are an essential part of any enterprise cybersecurity portfolio.
Copyright © Intellyx LLC. LookingGlass™ Cyber Solutions is an Intellyx client. At the time of writing, none of the other organizations mentioned in this article are Intellyx clients. Intellyx retains full editorial control over the content of this paper. Image credit: Shutterstock.