SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
#
Malware
#
Firewalls
#
Data Protection

Video: 10 Minute IT Jams - Traditional cybersecurity vs data protection

Thu, 29th Jul 2021
FYI, this story is more than a year old
Author image
By Nick Forrester, Senior News Editor

Cyber security and data protection are not the same. So says John Millionas, Channel Director for Australia and New Zealand at Forcepoint, who argues that the crucial distinction is still missed by too many businesses - and the consequences are increasingly serious.

"They are intrinsically linked but if we think about cyber security, it's about trying to keep the bad guys out of the networks," Millionas said. "It's about mitigating external threats, trying to keep things out - ransomware, malware, phishing and all those sorts of things."

Most organisations now have cyber security solutions of some form, but Millionas believes these are just one part of a far more complex puzzle. "They often don't have data protection policies in place," he said. "If we think about it, I'm sitting here in my home - I've got window locks and roller doors - but if the bad guys get in, they want my valuables." 

Applying this analogy to business IT, he observed that firewalls and secure connections work much like those window locks and doors. But: "Unfortunately the bad guys are still getting in and when they get in, they want access to the data."

The real difference between the two worlds, he said, comes down to their focus: "Typically, cyber security is about trying to keep stuff out from getting into your business. Data protection is about actually protecting the crown jewels when the bad guys do get in."

The Modern Data Problem

Pressed to clarify the practical distinction, Millionas painted a clear picture of today's data challenges. "We're creating a huge amount of data, we share a huge amount of data both internally to our company networks and externally," he said.

The modern office is awash with sensitive files: confidential price lists, research and development notes, technical diagrams, contracts, and personal data. Who can access these files, and what can users do with them? "Can they save it locally, can they save it to USB, can they upload things from their work machine to Gmail or Box? Can they take screenshots of confidential Teams or Zoom calls?" he asked. 

Data, he explained, might be stored in legacy applications, in the cloud, or even on people's laptops at home, especially with so many people now working remotely. "If someone's got your credentials and they're able to access data from an external trader in lots of different ways…it puts the organisation at risk."

But criminals come in many forms: "I might be a malicious insider…and unfortunately, there are many people that breach confidentiality of organisations. If they're given unfettered access without protections around the data they can access and what they can do with that data, and they're able to exfiltrate that data, that can also place a business at significant risk."

The growing challenge, then, is ensuring that user access to data is tightly monitored and controlled. "Data protection really is about that interaction between users and data," Millionas said.

Are Traditional Cyber Security Measures Enough?

With cyber security spending hitting record highs globally, why are data breaches still occurring so frequently? "There's record investment," Millionas said. "We wake up every day and see a Gartner report suggesting that the market is just growing by huge amounts and it's worth hundreds of billions of dollars."

Yet, he added, "despite the record investment of organisations in things like firewalls and endpoint agents and cloud and secure SD-WAN and all these sorts of things, data breaches are occurring at an unabated rate." In Australia, he noted, there were 1,057 major notifiable data breaches last year alone - a number expected to be exceeded this year.

Recent high-profile breaches, including those at media companies, government agencies, and major retailers, show the problem is not letting up. "Despite the record investment in cyber security solutions trying to keep stuff out, the bad guys are still getting in," he said.

The consequences are devastating: "There's a ransomware attack every nine seconds globally…one of the statistics I read last week from a FireEye report is they're [hackers] in the network on average for 76 days."

It raises a chilling prospect: "Imagine someone's in my home for 76 days. They'd be going through my passports, they'd be going through my laptops, my drawers…they'd have unfettered access to my entire life."

For business, the lack of effective data protection means that, in those 76 days, attackers can go deep, undetected, and harvest the most precious corporate assets. "The cyber security solutions are not protecting the data, so if the bad guys have got in…the external solutions that we've put out to try and keep the bad guys from getting in, once they are in and they are getting in at increasing rates, then data protection really is about securing the data - providing checks and balances around who can access what, what can they do with that information," he explained.

First Steps Towards Better Protection

So what can be done? For Millionas, it's essential for organisations to treat cyber security and data protection as closely related elements. "They both are needed," he said. "Where Forcepoint comes in is we really sit at that axis moment of user and data."

He stressed that cyber threats are not just external - companies must watch their own staff as well. "The bad guy being in for 76 days might also be someone internal…there are bad guys internally," he said.

Forcepoint's approach is to act at the crucial "intersection" of data and users, monitoring billions of access moments a day. "If data is being exfiltrated, if the bad guys are in your network and they've compromised your credentials and they're trying to shift terabits of data, and our system picks up and says well, hey, this is not allowed…we're going to encrypt this so you can't access this outside of the company network or we're going to flat out block this," he explained.

Integrating sophisticated data protection into wider cybersecurity requirements and closely monitoring user behaviour in real-time can make all the difference. "You start getting really powerful benefits…and data is the crown jewel of every organisation," Millionas said.

The challenge, he acknowledged, is huge - and urgent: "That gap for companies on how they can secure their data is a real challenge, and it really sits as an overlay across their entire IT stack."

But, as he concluded, there is growing awareness of what needs to be done: "A lot of those organisations are now realising this and typically if they have been breached, they'll look backwards and say, well, how did the bad guys get in, when did they get in, are they still in, what have they taken, but unfortunately at that point it's too late."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Bitdefender unveils upgrades to partner & MSP programmes
Experts warn of surge in Google, Apple, Microsoft breaches
AI-driven phishing attacks surge against Australian targets in 2024
Safari users at heightened risk from new fullscreen BitM attack
Most high-traffic email domains still vulnerable to phishing
Top stories
Strengthening cyber resilience in superannuation
Why better data management is crucial for Australian Organisations facing cyber breaches
Is it time to re-think the business browser?
AI-driven cybersecurity shapes future of managed services
SEON expands APAC team as demand for fraud tech solutions rises