Prevention vs detection - keeping risk at arms length
As well as being a ground-breaking connectivity tool it's undeniable that the internet is also a fiery cesspool of cyber horror. The solution – prevent any of your users gaining access to the internet in the first place. Ta da, problem solved. You’re welcome.
[Insert high-fiving and some very non-British whooping* etc]
Oh. Wait. Yeah, something something…users need access to the web…something something. ?And SaaS services. Sigh, fine.
The concerning truth is that our current detection strategies aren’t equipped enough to handle the escalating risks. The dangers associated with the web access we have had to give our users (henceforth known as link-clickers) continues to escalate dramatically. The ongoing discussions and new cycles in the US emphasize boosting the security posture of Critical Infrastructure. But I believe this should extend to Enterprise firms that might not consider themselves as CI. Perhaps we can term them as 'Critical Enterprise'?
It's clear: detection alone won’t save us, especially from the intense international interference that CISA and the NCSC are concerned about. The discussions now revolves around proactive prevention.
A component of a prevention strategy needs to consider browser vulnerabilities and keeping the risky internet traffic off of the networks and end points in the first place. One day we’re all going to look back and wonder why we ever let unknown code and content anywhere near our corporate browsers. We must be bonkers!
‘Remote Browser Isolation’ (RBI) – is a method aimed at keeping risky internet traffic at a distance from your networks and endpoints. Though this concept had its lows due to early-stage limitations in security and user experience, the RBI space has significantly matured and many firms and government entities are embracing RBI. But, a word of caution: Not all RBI platforms are created equal.
I'd like to share a blog by Rob Clyde , the former CTO of Symantec. He dives deep into the RBI approaches and sheds light on selecting a genuinely effective strategy without unknowingly heightening risks instead of the intended reverse.
For those feeling adventurous (or shall I say 'link-clicky' ??), here is a link to our offering, which we believe is the most secure and scalable Browser Isolation service globally. Buy hey, I’m the CSO of a vendor, of course I would say that. Our government partners are the ones to trust on what they say about our credibility…
* British people do whoop, just not quite as well as US people are able to whoop. US cousins, I commend you on your whooping.
COO @Sales Innovation - Bringing Software Companies to APAC
2 个月James, thanks for the post!