Cybersecurity has traditionally been reactive and threat-centric. This approach worked when organizations were able to secure their critical data in data centers they owned and managed. But digital transformation, globalization, the cloud, and workforce mobility have spread data and users far beyond the perimeter of easily walled-off office networks and data centers.
Purely reactive, threat-focused cybersecurity simply can’t keep up with the way we work anymore. In 2019, enterprises saw a 26% increase in security incidents – despite increasing their cybersecurity budgets by 9% year-over-year.
Clearly, something needs to change.
From 2017 through 2021, worldwide spending on cybersecurity is projected to exceed $1 trillion. Because so much of that money has gone towards reactive, threat-centric security, it hasn’t been very effective at stopping increasingly sophisticated external adversaries and inside threats. As we plan our cybersecurity budgets for the next five years, we’ll need to broadly move towards behavior-based cybersecurity systems that can better anticipate data loss incidents before they occur. Instead of only mitigating the damage after such events occur, these solutions will be better at preventing them from happening in the first place … and won’t waste another $1 trillion on ineffective technologies.
People Are the New Perimeter
Today, data isn’t stuck behind firewalls in corporate data centers. It moves wherever employees and their devices do. That can be to different physical locations like coffee shops, airports, and even the street. But data is also increasingly moving upward and outward to the cloud, where organizations are leveraging phenomenal new efficiencies but typically have less direct control over cybersecurity.
In fact, U.S. Census and Bureau of Labor Statistics data show that the number of people telecommuting in the U.S. increased 159% between 2005 and 2017. And the data they work with is increasingly not completely controlled by the organizations they work for—by 2025, IDC predicts that 49% of the world’s stored data will reside in public cloud environments.
Safeguarding data in this brave new world is a fundamentally different task than it used to be. But failing to protect it is just as damaging as it ever was—data breaches can result in costly fines, a reputational hit, and other damaging outcomes.
Instead of building a strong wall around the facilities where data is stored, successful organizations work to protect the employees who generate, access, and share critical data. When companies treat their people as their new perimeter, they replace broad, rigid rules with individualized, adaptive cyber security that won’t slow down users. For example, Forcepoint Dynamic Data Protection (DDP) gives individual users and the systems they use a unique and variable risk-level rating, informed by behavior-centric analytics. These risk-level ratings go up or down depending on how a user behaves and interacts with the data. For example, unexpected logging in from an unexpected remote location can raise the risk level. An attempt to transmit an unusually large amount of data might do the same.
DDP uses these changes in risk levels to continuously drive enforcement for individual users and devices connected to the network. When the risk level reaches a certain threshold, user or system actions and access can be blocked automatically to better prevent a potential data loss incident.
Analysis and Automation Drive Modern Cybersecurity
Great cybersecurity solutions still protect organizations by identifying, cataloging, and protecting against threats like new appearances of malware in the wild. But that approach is just a part of the puzzle these days. Proactive, predictive, and dynamic cybersecurity also uses a combination of research into human behavior, modeling of risk scenarios, and applied artificial intelligence to more narrowly focus on those entities which truly pose the highest level of risk to a business and its employees.
The reactive model of cybersecurity can be thought of as the emergency room—great for stitching up wounds but not built for prevention of future injuries. The threat-centric approach can prevent known attacks, like vaccinating a large population against illnesses that are already pretty well understood.
In contrast, modern cybersecurity solutions like DDP are designed to focus on the wellness of each individual user and system by establishing a baseline of normalized behavior. It then becomes easier to quickly identify abnormal behavior like unusual internal or external data access and file movement and to determine if it matches a compromised credential event.
As such solutions “learn” more about these behavioral baselines, they become smarter about what actually constitutes a risk, rather than flagging all activity that could potentially be harmful. When only real risks are flagged and automatically blocked based on contextual behavior information, that means less friction for users. And when policy enforcement is based on real risk, it allows for the individualized enforcement of consistent global policies for a more a productive environment and more effective security.
Want to find out more? Learn how cybersecurity is evolving from the old reactive, threat-centric model and the steps organizations are taking to modernize their approach to protecting their data, systems, and people.