SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Cybersecurity
#
Ixia
Inside-out security strategy vital, says expert
Tue, 8th Mar 2016
FYI, this story is more than a year old
Author image
By Shannon Williams, Journalist
Follow us

Inside threats can often blindside a business, as most organisations focus on external security threats, according to Ixia.

The company says it is imperative businesses tailor their security policies, internal awareness regimes and security tools to ensure they are protected from the inside out, as well as the outside in.

“Information is becoming a popular commodity for criminals around the globe, so companies have to do what they can to make sure that information stays safe,” explains Stephen Urquhart, general manager ANZ, Ixia.

“At the same time, our increasingly connected world is opening up new ways for information to be lost, inadvertently shared, stolen, or appropriated by unauthorised agents,” he says.

“Companies need to protect this information from the inside.

Urquhart says there are three key components to designing an inside out security strategy to keep data safe within an organization.

Policy

Urquhart says organisations should build security architecture with multiple layers to protect the areas of the organisation where most of the internal information assets reside.

“It is best if data is encrypted and companies should also implement a tiered permissions identification system,” he explains.

“At the same time, businesses should implement an overall corporate security policy that all levels of management support.

“This helps to make sure everyone is on the same page with practical security measures, such as using stronger passwords and changing them regularly,” says Urquhart.

Awareness

Companies should train employees to recognise cyber criminals' tactics and understand how to avoid being tricked, Urquhart explains.

“Additionally, given that most ‘inside out' data breaches are accidents, businesses need to teach employees how to manage sensitive information, stay up-to-date on threat intelligence reports, and be aware of the latest cyber-criminal exploits,” he says.

Tools

According to Urquhart, companies should implement a selection of tools that monitor streaming applications on the network to identify unusual behaviour or unknown network applications effectively,” he says.

“This can help prevent exploits from being discovered after it is too late to mitigate them.

“Additionally, businesses should use testing solutions to make sure all programs are running as expected prior to deployment,” Urquhart explains.

“This can ensure that data is kept where it is meant be kept, making it easier to protect.

Related stories
Absolute Security focuses on cyber resilience in company rebrand
Armis acquires Silk Security for a total of $150M
Most enterprise PCs ill-equipped for AI-induced security threats
Three ways employees can spot a deepfake scam
Qualys offers free cybersecurity platform access after NCSC guidance
Top stories
Bugcrowd launches AI bias assessment for secure LLM application use
Kaspersky illuminates LockBit ransomware group's advanced tactics
First-party data collection prioritised due to privacy laws
Cisco boosts Secure Application with added data, cloud security features
MotivationWorks upgrades cybersecurity with Radware