By Garth, Senior Director at Gigamon
The pressure on industries to pursue digital transformation has increased exponentially in recent years. While the cloud and the Internet of Things (IoT) are key tenets of this transformation, they are also accompanied by several security concerns and damning cyber attack statistics. For example, one report found that 98% of organisations suffered at least one cloud security breach within an 18-month period. IoT and Operational Technology (OT) convergence poses an additional threat, as OT security is typically much weaker than in more modern devices. Not designed for today’s cyber-scape, the OT leveraged by manufacturers and engineers could become a critical point of weakness within their security strategy.
Therefore, to ensure protection in the cloud and IoT, deep observability across the whole network, every device and all data in motion is key. But organisations must also consider the impact this has on data privacy and find a way to balance compliance with achieving complete visibility into their network.
There is a unique balancing act of considerations for organisations that are embracing secure digital transformation. SecOps teams must ensure the network is safe to use for everyone, identifying anomalies across the cloud and IoT/OT devices to mitigate attacks, while also complying with the General Data Protection Regulation (GDPR) while processing data.
In today’s environment, this balance is more important than ever before, as the threat of ransomware is only growing. According to our recent survey, 59% of global respondents agreed that the ransomware crisis has worsened in the last three months. What’s more, cybercriminals are more innovative in how they target and attack businesses, as well as more organised in how they operate. Cyberattacks are inevitable for organisations today and are becoming more devastating, with criminals able to penetrate a network and gather intelligence for months at a time, hiding in blind spots before deploying malware. With a worrying average adversary dwell time of 287 days, businesses must find a tool that eliminates the gaps in visibility currently allowing bad actors to evade detection.
Cybercriminals are also leveraging SSL/TLS encryption. This technique is often used by organisations as a core element of their cybersecurity and data privacy strategies, however, it is now being increasingly exploited as a way of holding data to ransom and concealing criminal activity. Worryingly, reports highlight that 91.5% of malware arrives over encrypted connections. Considering that organisations are increasingly reliant on encryption and the sheer volume of encrypted data travelling across a network, the criminal hijacking of SSL/TLS encryption is extremely concerning. Therefore, businesses need a way to decrypt SSL traffic, share it with tools and then re-encrypt it before it becomes compromised.
Deep observability, i.e., a holistic view of traffic that amplifies the power of traditional log or trace-based monitoring tools, and provides actionable insights to NetOps teams, is crucial for both IoT, OT and cloud security. It offers a clear line of sight across networks and into all devices. But how can privacy remain a top priority if all data is visible at all times?
The answer lies in data masking. By modifying sensitive data, data masking renders it unusable and valueless to cyber criminals. The technique also makes compliance with GDPR far easier for UK organisations. Because data is obscured before it travels to monitoring and security tools, sensitive information is never processed, stored or even seen.
GDPR requires organisations across all sectors in the UK to protect sensitive data, with severe penalties for companies who fail to comply. Regulations are also particularly stringent in industries such as finance and healthcare, as they hold such critical and sensitive data. It is therefore of the utmost importance for businesses in these sectors to adopt data masking as a key technique for maintaining data privacy while simultaneously bolstering cybersecurity. What’s more, data masking also protects the NetOps teams monitoring the network from being exposed to confidential data inadvertently.
Striking a balance between data privacy and deep observability by implementing data masking is one of the best ways organisations can protect themselves and their sensitive data from future cyberattacks. In the coming years, data masking tools are set to become an even more essential part of network intelligence solutions. SecOps teams cannot protect their network from what they cannot see. Yet security and privacy must work in harmony for success and safety within a digitally-native organisation.