The human point of better cybersecurity
Loading...
To really change the game in cybersecurity, Forcepoint CEO Matt Moynahan has a simple and direct prescription: start with people.
“Companies and enterprises run on people, and until robots take over, people are at the heart of it,” Mr. Moynahan, who has over 20 years of experience in senior roles at companies including Reciprocal, Symantec and Veracode, said. “We haven’t really stepped back and said: ‘How do we secure the human element?’”
Moynahan advocates that security executives start assuming the people inside their organizations are trying to steal or leak data — either maliciously or by accident.
“Assume that there are folks who are inside your organization that can steal things or that even good employees can be compromised. If you think like that, everyone is sort of an insider [threat] inside of your company,” he said. “How do you protect intellectual property and critical data from getting out when that threats on the inside? It’s a very different mindset.”
What’s so different about this approach? The information security industry has historically looked at problems through the lens of technology, Moynahan said during an interview on the RSA Conference’s RSAC-TV in San Francisco.
First came antivirus software, which attempts “to chase little pieces of code around the Internet” by looking for tell-tale signatures of malicious code striking a network, explained Moynahan. Then came machine learning and automating the process of marking certain code as dangerous, which remains but a more rapid execution of the same paradigm, he said.
Business executives need to start thinking less about blocking bad things and start pondering about how to stop critical data from leaving the network. They need to think more about how employees do their jobs, and what software they use to interact with critical business data, he said.
“How do you understand workforce anomalies and behavior?” said Moynahan. “And, then look for things that are abnormal to that data set. It’s so fundamentally different than anti-virus and network infrastructure that try to look at all the events happening and then have that lead to a human.”
