The Threat is Coming from Inside Your House!
Mark Dunning
I help CEOs at international professional services companies reduce cybersecurity risk by 50% by building global information security programs and transforming IT teams.
Happy Cyber Entropy Month! You can read other posts on Cyber Entropy here and here. And be sure to join our webinar ‘Bringing Order to the Chaos of Cyber Entropy’ on September 5th at noon.
For those of you who read the first post, you’ll remember that there are nine million apps available in the Google store. You’ll also remember that 97% of them are ‘free’. The truth is, though, that none of them are free. If you are not paying with currency, you’re paying with data. So that means, just with handheld apps, you have nine million ways to lose your data.
Like we said, Happy Cyber Entropy Month!
Data Entropy
More and more and more your data is slipping through your fingers. It was hard enough when your data was migrating and duplicating from server to server, or from server to workstation. Or when multiple copies were stored in email as attachments or duplicated ineffectively in your CRM, your ERP, and your HRIS.
Those things are still problems, of course, but it’s getting worse. There are all those free sites offering what appear to be (and often are) useful tools for your staff to use. Of course, to use them, to even test them, your staff often use your data. Once it is in those free systems, it is often very difficult to get out without buying their premium licenses for which you didn’t plan and didn’t budget.
Now the big challenge is AI. Often your data is used as part of the input so that staff can get the right answer as output. But where does that data go? The nightmare is it is ingested into the LLM to be regurgitated to the next questioner who may or may not be your competitor. And what if the data used was client data? What are the repercussions of that?
To combat this, you need to improve your data governance. Start by building a data inventory. The best way to do this is by working with each department in the company. They know what data they use and what is the most valuable to them. That’s what we care about: the most important data. We can get to the other stuff later but we want to protect the good stuff now.
Next, classify that data. Again, this doesn’t have to be arduous. Start with internal and public, for example. Anything internal can’t be stored in unapproved systems. Then build from there.
Your third step is creating data flow diagrams to understand how internal data flows between systems. You might have access controls in place in your CRM, for instance, but when that data flows to your billing system the controls are different and the data gets exposed. Finally, when you have data labeled, document a cradle-to-grave Information Lifecycle that identifies owners, classifications, labels, and, importantly, retention and destruction plans.
Access Entropy
Though we didn’t specifically state it above, a big part of what combats data entropy is Access Control. Following the principles of ‘need to know’ and ‘least privilege’ can ensure that only those who are trained to properly handle your data have access to that data. The problem is that every single system has multiple layers of permissions and privileges, and keeping them consistent is a big challenge. Further, remember those nine million apps mentioned earlier? They all have permissions and privileges, too, or they don’t, which is even worse.
Privileged Access Management platforms can help with this chaos because they add a documented and time-limited layer to privileged access. That helps limit the number of accounts that have elevated privileges.
For those specific accounts granted elevated privileges, make sure you have a documented access lifecycle that follows those principles of ‘need to know’ and ‘least privilege.’ One of the big gaps we see is not in the initial setup of privileges but in the maintenance of those privileges. Companies are usually pretty good at shutting down access when an employee leaves the company but not so good at modifying access for current employees. When jobs change or roles change, access should, too.
As we saw in other posts, often the key to controlling cyber entropy is discipline.? Tools, procedures, monitoring, and auditing will only help control the entropy if you follow them religiously.
Good luck!
I’m always available to help. I can be reached at [email protected]. Check out our website for more information. And be sure to catch our webinar on September 5th at 12:00 PM. Look forward to seeing you there.
Co-Founder of Altrosyn and Director at CDTECH | Inventor | Manufacturer
6 months
Cyber entropy refers to the unpredictable and chaotic nature of data within an organization's systems, often stemming from human error, evolving technologies, and inadequate security measures. This can lead to vulnerabilities that malicious actors exploit, making it crucial to implement robust data governance policies and advanced threat detection mechanisms. Given the increasing sophistication of adversarial techniques, how would you leverage behavioral analytics and machine learning algorithms to identify anomalous user activity indicative of insider threats within a dynamic cloud environment?