Beyond The Perimeter
As businesses undergo digital transformation, the attack surface expands well beyond the perimeter. Traditional perimeter-based defenses still have their uses, but their coverage can’t extend to digital communication channels and social media platforms.
Companies are facing a new and increasingly challenging digital risk landscape. Why? Because of fundamental shifts in the nature of cybersecurity.
Cloud Platforms Have Inherent Visibility Issues
When all enterprise communications happened within the perimeter, there was no visibility challenge. Intranets could be scanned, internal communications could be checked. Companies could be sure that there was oversight on all, or at least most, of the important communications their staff were involved in.
But now? Lack of visibility is the norm. For example, companies have very little insight into what their employees are saying to customers via WhatsApp. They have limited or no capacity to scan for compliance risks within LinkedIn direct messages.
CASBs will log traffic or control access to enterprise clouds, but more advanced intelligence is hard to gather. By default, a vast amount of a company’s digital footprint is simply invisible to the teams who are meant to be responsible for it.
Teams need to institute a fully configurable policy engine that can oversee, capture, and preserve a complete digital record of communications to an archive in order to mitigate digital security risk. But they can’t even see what is going on in the third-party cloud channels where staff are spending hours every day, let alone act on anything troublesome. They don’t own any of the data being produced in those channels.
Human Intelligence Can’t Keep Up
Already, human security teams are making serious compromises in order to keep up with the flow of digital data they are meant to police.
We see this with the practice of sampling. Risk and compliance teams cannot possibly review all of a given set of digital communications; there is simply too much, and not enough bodies to trawl through it all. So what do they do instead? Rather than assessing 100% of communications, they assess 7-10% of them. Then they extrapolate the findings from this 10% out to the other 90%. While this has a certain logic, it is an incomplete and fairly slipshod way of supervising communications.
Similarly, traditional security controls are often based on patterns, signatures, or heuristics. When a new attack signature, virus pattern, or file-hash is detected, there is a certain time-lag between the initial discovery and the required system update. Often, human workers manning these systems are slow to respond.
The reality is: Modern-day digital risk can only be effectively combated with the aid of AI and machine learning.
For example, one of our customers produces between 40,000 and 70,000 Slack messages every day. For a global pharma company, a regional sales team of 450 people generated over 116,000 WhatsApp messages in a single month.
Only AI-driven digital risk solutions can perpetually monitor every relevant digital endpoint. Only AI-driven digital risk solutions can institute detection policies that reliably capture every concerning event in line with customizable policies. Modern digital risk protection requires a comprehensiveness, a breadth and reach of platform coverage, that human teams cannot keep up with. It requires the data aggregation and recall, lightning-speed data processing, and instantaneous decision making of machine-powered systems.
The key problem is this: In the modern era, an enterprise’s digital life takes place outside of its IT infrastructure. Sales, marketing, and other business-critical activities now happen in the digital space, and well outside of the traditional security perimeter.
Once upon a time, companies established a perimeter, with firewalls and authentication systems and so on, and that was that. Now, their online presence is divided across numerous channels and accounts that are not in their control.
Such a state of affairs makes it very difficult to maintain visibility into, or control over, an enterprise’s entire digital footprint. The digital front remains unrestricted, unmonitored, and unmanaged. Fraudulent or fake channels and accounts can proliferate without the organization even knowing it. It’s impossible to stop what you can’t see.
When your enterprise security is reliant on external, unregulated channels, you have a problem. The data and intel necessary for managing risk in digital transformation and staying secure and compliant are not within your sphere of influence.
The Threat Surface Has Grown Exponentially
In the past, you had a demarcated area which you patrolled and policed. You had your IT infrastructure to worry about, and that was it.
But now, you have to worry about the entire internet: surface web and dark web, all the platforms and channels your enterprise utilizes, and all the individual users out there interacting with various areas of your digital footprint. Harmful or noncompliant content, for which your enterprise is responsible, could be lurking anywhere: on a fake Facebook page you don’t know about, in the private messages of a wayward employee, or deep in a forum.
Traditional security tools have no way to cast their net far enough and wide enough to scan all of cyberspace for possible digital transformation risks. They simply can’t do it. Properly mitigating digital risk means having a holistic view of everything occurring within an enterprise’s digital sphere. Without dedicated tools, this is impossible.