Forcepoint Flash: From The Office Of The CSO
Top Five Security Capabilities I Wanted 10 Years Ago [Part One]
By Doug Copley, Forcepoint Deputy CISO
Anyone whose job requires them to focus on information security is well aware of how fast the industry changes. Just look at the 1,000 or so vendors/researchers/consortiums who were present at RSA and Black Hat in 2016, and you can understand how difficult it can be to stay current on security technologies and practices. In a series of five blogs, I’d like to pause a minute and reflect on some of the advances in information security technologies that have significantly improved the ability of companies to defend against attacks and data loss. These are capabilities that are readily available today and that I really wanted 10 years ago. Each one has its own angle on improving security preparedness, and each one has made the life of CISOs a little more bearable. I’ll begin with #5 and over this blog series will work my way to the #1 security capability on my wish list 10 years ago.
#5 – I wanted web security that was more than URL filtering, and wanted that protection for laptops off the corporate network.
Ten years ago, web security was largely defined as URL filtering, and it was just that. Companies like Websense and Blue Coat would scour the web indexing and categorizing web sites. Companies could buy an appliance to block internal users from accessing known malicious or inappropriate web sites or categories of web sites. The two primary issues I had with the technology were (a) the technology wasn’t 100 percent accurate and sometimes legitimate business sites were blocked (I remember a case where Yahoo! was mistakenly blocked and we had C-level executives calling us within minutes); and (b) it was all or nothing. Either the site was blocked at the URL level or not at all.
Fast forward to today and web security has evolved to far more than simple URL filtering. Web security gateways have much more intelligence built in, and the capabilities and granularity of control are significantly improved. Sure, companies can still block access to individual sites or categories of web sites, but now the CONTENT of the web page is analyzed on the fly using reputation analysis, real-time content scanning, code scanning, behavior analysis and other factors; access and content are allowed or blocked based on the results of those factors. So companies can block whole pages or sections of pages based on what type of content is being served up and the reputation of the site owner. Add to that some truly integrated add-on capabilities such as malware detection both inbound and outbound, web application analysis and control (discover and risk-rate cloud apps your employees may be using such as Dropbox, Office365 or Salesforce), data loss prevention capabilities and the ability to examine encrypted sessions via HTTPS inspection. In addition to PC-based anti-malware, web and email gateways can also detect malicious activity leaving your network, so malware that successfully penetrates defenses to get into your environment (and may go unnoticed) can’t communicate with command and control servers out on the internet.
To top it all off, some of the true market leaders allow companies to provide these capabilities on-premise, completely in the cloud (no on-premise equipment) or in a hybrid model of both – all while managing these capabilities out of a single management console. Thus, mobile users who are surfing the web from home, from Starbucks or from a strip mall parking lot are protected as if they were sitting in the office. To simplify deployment and reduce user impact, these protections can even be deployed without modifying proxy settings, so truly mobile users don’t have to worry about losing protections as they travel from one environment to another.
Even though web security came in at #5, don’t think it’s any less important than the others. Web security capabilities available today dwarf the capabilities in 2006, and truly make protecting an organization from cyber threats easier. Please keep an eye out for the rest of this series where I explore the remainder of my Top Five list from 2006.
To learn more about a technology that delivers these security capabilities, visit: https://www.forcepoint.com/solutions/need/unified-content-security