freshidea - stock.adobe.com

Tech, growing data sets complicate enterprise cybersecurity strategy

Emerging tech has grown companies' data sets and made IT environments increasingly complex. As IT capabilities evolve, enterprise cybersecurity strategy is struggling to keep up.

Automation, machine learning, artificial intelligence, the Internet of Things and other emerging technologies are creating near ubiquitous computing and increasing data sets.

The combination means organizations have a larger, more complex environment to protect -- and face significant consequences if breaches and hacks occur, security experts said. Organizations and their security teams are struggling to keep pace.

"The ability to ensure the integrity of our systems and the integrity of our data is becoming less certain as we adopt more and more of these emerging technologies," said Rob Clyde, vice chair of ISACA and executive chair of the board of directors of White Cloud Security Inc. of Austin.

One of the biggest challenges to enterprise cybersecurity strategy comes from emerging technologies that collect and analyze data, then use that data to drive decision-making. This requires security professionals to pay greater attention to data integrity, said Heidi Shey, a senior analyst at Forrester Research Inc.

"In the past, people have focused on availability and confidentiality, but integrity places a bigger role moving forward -- you need to trust it," she explained.

The ability to ensure the integrity of our systems and the integrity of our data is becoming less certain as we adopt more and more of these emerging technologies.
Rob Clydevice chair, ISACA

That, in turn, means providing layers of security for the hardware -- such as IoT sensors -- as well as for all the software in the organization, Shey and others said.

Of course, that's not a new objective. But the complexity of it is -- especially when factoring in that it is increasingly difficult for enterprises to detect problems throughout the data lifecycle.

Consider, for instance, if sensors in a grocery store's refrigerator aisles malfunction and feed incorrect data into the store's analytics engine that determines optimal temperatures to safeguard frozen food safety.

Or consider the possibility of a bad actor hacking into a medical device's data streams, or an industrial production line, or a water plant's computer system.

"If that data is tampered with or bad, then it leads you to make bad decisions and those bad decisions could have a catastrophic impact," said Jeff Pollard, a principal analyst with Forrester.

Closing cybersecurity gaps

A 2016 report titled Identifying Critical Gaps in Database Security conducted by the analyst firm Osterman Research shows how far organizations must go to address the challenge. According to the report, only 19 percent of organizations said they have "excellent" visibility into their data and database assets while 47 percent of those surveyed said they have not assigned anyone to oversee database security.

Yet the amount of data being collected is rapidly expanding. According to IDC forecasts, by 2025 the global datasphere will grow to 163 zettabytes.

There remain, too, other challenges to enterprise cybersecurity strategy that are more pointed.

Clyde lists several of those pressing tactical challenges that organizations need to address, including securing cloud initiatives. He said organizations rely on cloud to support most of their digital transformation initiatives as well as their adoption of emerging technologies like AI. And while companies providing public cloud services generally offer better security, reliability and availability because they commit significantly more resources to security, enterprises contracting with cloud companies often don't have the expertise to ensure they're implementing needed security standards on their side of the transaction.

The General Data Protection Regulation (GDPR) also looms large for many organizations, as the European Union regulation regarding data privacy for European residents goes into effect this spring. Many organizations aren't prepared, security leaders said.

"It won't be over on [the deadline day of] May 25 for many companies; instead it will be the start of the journey," Clyde said.

Meanwhile, enterprise security teams will continue facing the longstanding challenges of ensuring the availability and reliability of systems as threats like ransomware and distributed denial-of-service (DDOS) attacks become more sophisticated.

For instance, Pollard said enterprise security and IT leaders will have to think about how they'll address crypto mining, the computer mining process used by both bad actors and legitimate companies. Enterprise leaders need to determine whether they'll block all websites that seek to use visitors' computers for mining, even if it means blocking websites employees might want to access for personal or professional reasons.

Cybersecurity processes forced to adapt

Enterprise officials must also consider how they'll expand their security efforts. Companies of all stripes are being pressured to see themselves as technology or software companies as they offer more apps and platforms to their customers. As a result, Pollard said security tasks -- from simply preventing data leakage to ensuring data integrity to maintaining availability and safeguarding data -- extend beyond the enterprise to where it meets and engages with customers and partners.

"It's thinking about security in a way that's much more aware of everything [the organization] is doing," Pollard said.

Along with the challenges, cybersecurity technologies are also emerging.

John Barchie, a senior fellow at Arrakis Consulting LLC, cites more secure architecture, including cloud computing, advances in programming and development that incorporate secure code, and end-to-end encryption is become more a standard.

Others pointed to advances in identity and access management, as well as in file structure and data structure scanning.

"We're talking about layered defense, and that's a fundamental principle that needs to be followed," Barchie said.

Still, he said, more work needs to be done.

"The tools currently are designed to help a process and take advantage of the data in the fastest possible way. They're not meant to protect the source of the data from having their data misused. We're going to have to start writing tools to protect the users," Barchie added.

The NIST Cybersecurity Framework and ISACA's COBIT 5 frameworks provide guidance for CIOs, CISOs and other executives and board members as they confront the security challenges emerging along with the bevy of new technologies.

Shey pointed to the Big Data Ethical Framework Initiative, from the nonprofit Information Accountability Foundation, as another governance guideline that could help enterprises move forward.

Beyond that, however, experts said enterprise security and IT leaders need to consider how they're monitoring the hardware and software that collects and uses data to figure out how they'll even determine whether something in that entire network is awry. For this security challenge, there's no single or simple technology solution or governance framework to deploy.

"This is the biggest new challenge I see for security leaders," Pollard said. "It's not so much a technical challenge. It's more the fact that there is so much more increased complexity around the decisions they'll have to make, so many lines are blurring. There's a lot more shades of gray today than they've dealt with before."

Dig Deeper on Risk management and governance