Blog Feed Post

The Human Side of Cybersecurity

As the waves of ransomware hitting the shores of companies around the world prove, today’s cybersecurity balance still tips toward the bad guys.

The odds are stacked against the good guys, as they need to mitigate all threats, whether they be against their networks, brands, or physical locations, while the hackers simply need to exploit a single vulnerability.

It doesn’t help that in today’s cloud-enabled, software-defined world, enterprise threat surfaces are expanding well past the traditional corporate perimeter, offering malefactors a welcome mat for their mischief.

Cybersecurity vendors are doing their best to help their customers understand and mitigate these threats, and newer technologies like big data and artificial intelligence are maturing, rapidly bringing new capabilities to enterprise cybersecurity solutions.

Yet the bad actors are still winning. They realize that enterprises are gearing up, but just like burglars casing a gated community, the cybercriminals realize they only need one house with a disarmed security system to make a score.

Just so with enterprise cybersecurity: the weaknesses are usually all too human. Humans falling for phishing attacks. Humans delaying the installation of critical security patches. Humans choosing insecure passwords. The list goes on and on.

Better technology can certainly help with such human weaknesses – better automation, better AI, better software overall. But machine-readable threat intelligence alone cannot detect and mitigate all the cyberthreats that today’s enterprises must deal with on a daily basis.

The Missing Piece of the Cybersecurity Puzzle

The missing piece of the puzzle is itself human: human expertise and ingenuity on the side of the good guys, working to stay one step ahead of the hackers.

Humans with the best tools at their fingertips – threat intelligence platforms to help sift through data and threat mitigation engines to automate blocking known bad actors – but also the skills, time, and attention necessary to make the most of such technology.

CISOs generally realize the importance of the human element in an adequate cybersecurity defense, of course. Their problem isn’t understanding the need, it’s filling the seats with qualified people.

Indeed, cybersecurity analysts are in desperately short supply – a shortage that has several ramifications for enterprise security. It drives up the cost of such people, and the ones a CISO is able to hire will likely be overworked and underskilled – a combination that ends up being a recipe for disaster.

LookingGlass Cyber Solutions is among a small cadre of vendors that is tackling the human side of the cybersecurity challenge.

LookingGlass offers technology that automates the collection and analysis of threat data – but the technology part of its offering is only part of the story.

LookingGlass also staffs a 24 x 7 crew of cybersecurity experts that analyze global cybersecurity threats on a continuous, real-time basis. This team – the LookingGlass Watch Desk – keeps tabs on known and emerging threats around the world, combining deep cybersecurity expertise with modern tools to deliver high-importance alerts within minutes of the detection of a suspicious event.

In conjunction with its Watch Desk, LookingGlass maintains a Special Investigations Unit (SIU) and Cyber Threat Intelligence Group (CTIG). Both teams leverage a vast database of available intelligence to conduct deep-dive investigations and analyses into information and physical security threats.

The Intellyx Take

The connotation of the ‘cyber’ prefix suggests that cybersecurity is a technology problem with a technology solution. However, technology is only part of the story. In reality, cybersecurity is a battle between people – bad actors on one side and the personnel at the companies they seek to compromise on the other.

True, both sides of these battles use technology, and in some cases, the best technology wins. For comprehensive threat prevention, however, enterprises must bring the human element to bear in order to beat the hackers at their own game.

In today’s resource-constrained business environment, staffing an adequate team of cybersecurity experts may simply not be possible – or at the least, can be quite expensive.

Threat prevention services that combine the latest technology with teams of seasoned cybersecurity experts like those from LookingGlass are an essential part of any enterprise cybersecurity portfolio.

Copyright © Intellyx LLC. LookingGlass™ Cyber Solutions is an Intellyx client. At the time of writing, none of the other organizations mentioned in this article are Intellyx clients. Intellyx retains full editorial control over the content of this paper. Image credit: Shutterstock.

Read the original blog entry...

More Stories By Jason Bloomberg

Jason Bloomberg is the leading expert on architecting agility for the enterprise. As president of Intellyx, Mr. Bloomberg brings his years of thought leadership in the areas of Cloud Computing, Enterprise Architecture, and Service-Oriented Architecture to a global clientele of business executives, architects, software vendors, and Cloud service providers looking to achieve technology-enabled business agility across their organizations and for their customers. His latest book, The Agile Architecture Revolution (John Wiley & Sons, 2013), sets the stage for Mr. Bloomberg’s groundbreaking Agile Architecture vision.

Mr. Bloomberg is perhaps best known for his twelve years at ZapThink, where he created and delivered the Licensed ZapThink Architect (LZA) SOA course and associated credential, certifying over 1,700 professionals worldwide. He is one of the original Managing Partners of ZapThink LLC, the leading SOA advisory and analysis firm, which was acquired by Dovel Technologies in 2011. He now runs the successor to the LZA program, the Bloomberg Agile Architecture Course, around the world.

Mr. Bloomberg is a frequent conference speaker and prolific writer. He has published over 500 articles, spoken at over 300 conferences, Webinars, and other events, and has been quoted in the press over 1,400 times as the leading expert on agile approaches to architecture in the enterprise.

Mr. Bloomberg’s previous book, Service Orient or Be Doomed! How Service Orientation Will Change Your Business (John Wiley & Sons, 2006, coauthored with Ron Schmelzer), is recognized as the leading business book on Service Orientation. He also co-authored the books XML and Web Services Unleashed (SAMS Publishing, 2002), and Web Page Scripting Techniques (Hayden Books, 1996).

Prior to ZapThink, Mr. Bloomberg built a diverse background in eBusiness technology management and industry analysis, including serving as a senior analyst in IDC’s eBusiness Advisory group, as well as holding eBusiness management positions at USWeb/CKS (later marchFIRST) and WaveBend Solutions (now Hitachi Consulting).

Latest Stories
SYS-CON Events announced today that GrapeUp, the leading provider of rapid product development at the speed of business, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Grape Up is a software company, specialized in cloud native application development and professional services related to Cloud Foundry PaaS. With five expert teams that operate in various sectors of the market acr...
In the enterprise today, connected IoT devices are everywhere – both inside and outside corporate environments. The need to identify, manage, control and secure a quickly growing web of connections and outside devices is making the already challenging task of security even more important, and onerous. In his session at @ThingsExpo, Rich Boyer, CISO and Chief Architect for Security at NTT i3, discussed new ways of thinking and the approaches needed to address the emerging challenges of security i...
Blockchain is a shared, secure record of exchange that establishes trust, accountability and transparency across business networks. Supported by the Linux Foundation's open source, open-standards based Hyperledger Project, Blockchain has the potential to improve regulatory compliance, reduce cost as well as advance trade. Are you curious about how Blockchain is built for business? In her session at 21st Cloud Expo, René Bostic, Technical VP of the IBM Cloud Unit in North America, will discuss th...
In his opening keynote at 20th Cloud Expo, Michael Maximilien, Research Scientist, Architect, and Engineer at IBM, discussed the full potential of the cloud and social data requires artificial intelligence. By mixing Cloud Foundry and the rich set of Watson services, IBM's Bluemix is the best cloud operating system for enterprises today, providing rapid development and deployment of applications that can take advantage of the rich catalog of Watson services to help drive insights from the vast t...
Docker containers have brought great opportunities to shorten the deployment process through continuous integration and the delivery of applications and microservices. This applies equally to enterprise data centers as well as the cloud. In his session at 20th Cloud Expo, Jari Kolehmainen, founder and CTO of Kontena, discussed solutions and benefits of a deeply integrated deployment pipeline using technologies such as container management platforms, Docker containers, and the drone.io Cl tool. H...
SYS-CON Events announced today that CA Technologies has been named "Platinum Sponsor" of SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CA Technologies helps customers succeed in a future where every business - from apparel to energy - is being rewritten by software. From planning to development to management to security, CA creates software that fuels transformation for companies in the applic...
There is only one world-class Cloud event on earth, and that is Cloud Expo – which returns to Silicon Valley for the 21st Cloud Expo at the Santa Clara Convention Center, October 31 - November 2, 2017. Every Global 2000 enterprise in the world is now integrating cloud computing in some form into its IT development and operations. Midsize and small businesses are also migrating to the cloud in increasing numbers. Companies are each developing their unique mix of cloud technologies and service...
Cloud adoption is often driven by a desire to increase efficiency, boost agility and save money. All too often, however, the reality involves unpredictable cost spikes and lack of oversight due to resource limitations. In his session at 20th Cloud Expo, Joe Kinsella, CTO and Founder of CloudHealth Technologies, tackled the question: “How do you build a fully optimized cloud?” He will examine: Why TCO is critical to achieving cloud success – and why attendees should be thinking holistically ab...
WebRTC is great technology to build your own communication tools. It will be even more exciting experience it with advanced devices, such as a 360 Camera, 360 microphone, and a depth sensor camera. In his session at @ThingsExpo, Masashi Ganeko, a manager at INFOCOM Corporation, will introduce two experimental projects from his team and what they learned from them. "Shotoku Tamago" uses the robot audition software HARK to track speakers in 360 video of a remote party. "Virtual Teleport" uses a...
Recently, IoT seems emerging as a solution vehicle for data analytics on real-world scenarios from setting a room temperature setting to predicting a component failure of an aircraft. Compared with developing an application or deploying a cloud service, is an IoT solution unique? If so, how? How does a typical IoT solution architecture consist? And what are the essential components and how are they relevant to each other? How does the security play out? What are the best practices in formulating...
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devic...
In his session at @ThingsExpo, Arvind Radhakrishnen discussed how IoT offers new business models in banking and financial services organizations with the capability to revolutionize products, payments, channels, business processes and asset management built on strong architectural foundation. The following topics were covered: How IoT stands to impact various business parameters including customer experience, cost and risk management within BFS organizations.
An increasing number of companies are creating products that combine data with analytical capabilities. Running interactive queries on Big Data requires complex architectures to store and query data effectively, typically involving data streams, an choosing efficient file format/database and multiple independent systems that are tied together through custom-engineered pipelines. In his session at @BigDataExpo at @ThingsExpo, Tomer Levi, a senior software engineer at Intel’s Advanced Analytics ...
SYS-CON Events announced today that Elastifile will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Elastifile Cloud File System (ECFS) is software-defined data infrastructure designed for seamless and efficient management of dynamic workloads across heterogeneous environments. Elastifile provides the architecture needed to optimize your hybrid cloud environment, by facilitating efficient...
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory?