Security P4: Program, People, Process & Policy

Marketing professionals love alliterations because it makes it easy to remember a number of things that are required to work together to make a whole better than the sum of their parts. For cyber security that means combining programs, people, process and policy into a cohesive whole that will ensure you safely conduct business without breaking an one of the hundreds of regulations that constantly crop up or become a victim of a malware or ransomware attack costing $millions.

Trust But Verify

Companies recognize the continual escalation of security and data breaches as well as the need for strong cyber threat prevention strategies. Unfortunately, employees become apathetic to their role in cyber threat prevention because of three reasons:

  1. Do we even have security policies? Maybe this seems extreme; because of course companies do have some form of security policies in place. In fact according to a Cisco study, “three out of four companies surveyed have security policies. However, 40 percent of employees in the surveyed companies did not know that the security policies existed-and a surprising 20 percent of IT professionals were unaware of an existing security policy.” So, the problem isn’t the lack of the policies. The problem is that they’re often not communicated. 
  1. Is The Risk Even Real? Usually it’s about employees not understanding the risks and implications. It’s not top-of-mind and they certainly don’t see IT security as their problem. Many users believe it’s the job of IT to create, implement, and enforce security policies. In fact, the above study noted that “many IT professionals (41 percent) believe that employees are willing to engage in these risky behaviors because they think that IT will solve any problems that arise as a result, or that no one will know.”
  1. Security policies get in our way! This may sound bizarre, but there are many employees that believe your policies and processes inhibit their ability to do their jobs. For example, consider the number of employees using SaaS applications that have not been approved by the IT department or obtained through IT processes (called ‘Shadow IT’). For these employees, their perception is that it’s faster and easier to avoid security policies altogether. And while companies shouldn’t inhibit employee productivity, organizations need to incorporate solutions that are employee-friendly, while still protecting the company.

This is why a combination of cyber security policies with strong programs to detect and prevent malware from entering your organization along with ongoing security awareness training for the people component will maximize your organization’s ability to succeed.

New Security Ecosystem

We have previously reported on how Security Ecosystems Evolve and the value of 1+1=5, but we haven’t really covered the foundation of a great ecosystem for your cybersecurity strategy. Organizations today should consider the four “P’s” of security, specifically:

  • Programs:Given we are a technology company, we suggest starting with the programs necessary to prevent malware from even entering your organization or even tempting your people to (unconsciously) break security policies or processes.
  • People:As discussed, people can be the weakest link in any cyber threat prevention strategy so the addition of training to your security ecosystem will help.
  • Process and Policy:These areas are functions of your particular industry and threat aversion. Healthcare and Financial services have dramatically different regulations and process requirements than do Retail and Manufacturing. What is important is to recognize the eed for document processes that help ensure your policies are enforced.

A Complete Solution

Solebit’s SoleGATE (now part of Mimecast) uses a static analysis which is faster, more accurate, not OS version dependent and covers 100% of your code, with complete visibility.  With SoleGATE, every line of code is evaluated, making Sandbox evasion techniques ineffective. On average, Solebit analysis time is between milliseconds up to a few seconds. Network Sandboxes typically take 5-15 minutes to perform the same analysis.

Using deep inspection and analysis methods, SoleGATE is able to interpret and detect code in real time and immediately block threats from penetrating your organization. DvC™ has no assumptions on threat heuristics and behavior and assumes that there is no legitimate reason for executable code to be present in a data file, it relies solely on identifying code existence on non-executables files.

Mimcast also recently acquired Ataata for security awareness training, expanding Mimecast offerings for cybersecurity awareness capabilities with leading training content, risk scoring and real-world simulation attack scenarios.

See for yourself what SoleGATE can do to deliver evasion proof security in your organization. Register for a demo today.

 

 

Recent Posts