An Uncensored Look at the OPM Breach – Part 3


What more can we do to protect ourselves?

In the first two blogs of this series, we explored the significance of the OPM breach and the country’s response, what the Chinese government might do with this breadth of knowledge, and the need for advanced technology that accounts for user behavior. As a bookend to this series, we will explore the same question that Ntrepid CEO Richard Helms answered most passionately at the 2016 CyberMaryland Conference, “What more can we do to protect ourselves?”


As a nation, we must take steps to secure the most vulnerable asset of any network: the employee.


Employees are one of the most valuable assets to any organization, but they are also the most vulnerable. Today’s workforce is no longer confined to, or protected by, a traditional network perimeter. Gone are the days when access to a particular network or individual was confined by enterprise walls — employees connect to more networks with more devices today than ever before, creating major vulnerabilities for themselves and their employers.

Although email has become the favorite attack vector of adversaries (through phishing and social engineering attacks), ultimately the browser is where malware breaks into networks. So if employees are using vulnerable Internet browsers both at home and at work, why aren’t organizations protecting them? Helms believes that if organizations are not thinking about trying to protect their workforce when they’re “off base,” then they are not doing enough.

To revisit Sun Tzu’s The Art of War, while knowing your enemy can give you an unparalleled advantage over your adversary, it is also said that “great results can be achieved with small forces.” Helms feels strongly that protecting employees from further exposure is not hard, but is concerned that there has been virtually no discussion about the issue aside from the offer of identity protection, which will not address the reality we are left with after the breach. At the end of the day, there needs to be a higher-level dialogue about how to extend the enterprise perimeter to include the environments where critical employees are at all times.

So what’s next?

If 90 percent of undetected malware comes through the browser, let’s deal with that first. The Chinese government will be creating new malware to use against the target set they have now, which includes seven percent of the U.S. population. The surest, quickest, and most efficient method to protect individuals going forward is to secure the Internet browser they use and prevent it from being an attack vector into their lives and the networks in which they participate.

The technology must take into account that humans will not avoid browser clicking errors on their own. Even intelligence professionals cannot be too careful when it comes to engaging the Internet from an organization or personal device. By isolating all browsing activity from the local computer and network, secure virtual browsers protect the enterprise from all web-based attacks, including web-delivered malware, watering hole attacks, spear phishing, passive information leakage, and drive-by downloads. This not only lets users access any website without putting the company’s infrastructure and data at risk, but also significantly reduces the ability of adversaries to conduct targeted social engineering attacks.

To hear more unique perspectives and thoughts on dealing with the ramifications of the OPM breach, check out the full panel discussion.