With RSA underway, Clearswift’s SVP Engineering, Maksym Schipka provides some expert insight into trending topics in cyber security this year.
Maksym Schipka, SVP Engineering
As we highlighted in last week’s blog, some key issues are already at the forefront of RSA discussions, including the IT skills gap. But a recurring topic is the Enemy Within. As Bob Tarzey, analyst at Quocirca, states in SC Magazine’s recent article, “Privileged user management is central to enforcing security policies”. The insider threat is mainly down to a lack of understanding- so how is technology advancing to combat this “knowledge gap”?
The importance of the insider threat means it’s more important than ever to bridge the knowledge gap of all employees and the technology employed by the company, to ensure protection of critical information. If “the insider threat is primarily about employee's lack of understanding - or even stupidity - when it comes to using IT in a business environment”, then the intelligence of the technology risks being undermined by simple human error.
Aside from ensuring clear policies are implemented in businesses, there have been huge advancements made in technology which can mitigate the risk around human error. If the technology relies on people to action the process, then there is always a risk of that a mistake will create a weak point; making the company’s critical information vulnerable, despite the sophisticated technology.
As the analyst in the article comments, one of the industry’s greatest advancements is the use of automated warnings sent to users by the security software itself, rather than simply logging a given suspect security incident to management for them to take action. Rather than the “stop and block” approach, technology such as Clearswift’s Adaptive Redaction allows for fluid communications within the company, both externally and internally, with users notified if there is any break in communication.
Clearswift enables secure collaboration by delivering 100% visibility of critical information, 100% of the time - essentially, businesses know exactly where their critical information is all of the time, what’s happening to it, who’s allowed to see what, including if there have been any attempts to share confidential information without the correct permission. If you’re at RSA Conference 2014 – come and see us on booth #539, where we are demonstrating just how.
The event’s top topics so far have been equally focused on business needs as they have been on the potential of technology. It’s with business needs in mind that technology needs to be engineered, so that those employing the technology have an understanding of its impact within an organization.