Here’s what Fortune 500 CISOs need to know when it comes to securing the weakest link in enterprises
Covertix provides definitive monitoring and protection of data found in any type of file used anywhere inside or outside the organization. A simple yet sophisticated rule set embedded in the file determines where, when and by whom materials can be viewed, printed, changed and shared regardless of the PC, cloud storage, mobile device or tablet. To learn more, please go to www.covertix.com.
Info Security PG: What emerging threats are enterprises least prepared for? In your view, what is the weakest link in most enterprise IT security operations?
Yoran Sirkis: In a data driven world, intellectual property and sensitive data is stored within the organization’s secured perimeter. For many years, enterprises have spent a lot of money protecting the perimeter against all kinds of emerging threats. Today, there are numerous ways to take information out of the enterprise – mainly because employees transfer and store data on their mobile devices, laptops, up in the cloud, all beyond the protected perimeter. Today, it is impossible to block off all the exit and entrance points into the enterprise.
Employee attacks and social hacking will only grow in sophistication and numbers. IT security operations need to realize that technology can do only so much and that changing human behavior within the enterprise is a long uphill battle worth fighting for.
So as of right now, we believe humans are the weakest link within the enterprise, regardless of how technology evolves to protect against the attackers.
About Yoran Sirkis
Yoran brings over 20 years of experience in the information security domain, including Data/Physical Risk Management arenas. Yoran served as a Managing Partner of Comsec Innovation and CEO of Comsec Cyber Solutions. Both are of Comsec Group, the largest dedicated information security company in Europe. Previously, Yoran served as the Vice President of Professional Services of Comsec Consulting in which he managed operations and a staff of over 100, established and operated international business units, and managed P&L of a multimillion dollar software and services business. Yoran holds an Eng. Industrial Management diploma specializing in Information Systems.
Info Security PG: What can enterprises do to improve their security posture in this area?
Yoran Sirkis: Enterprises need to identify which of their data is sensitive and confidential and focus on continuous protection for the entire lifetime and lifecycle of the data. The data in any type of file must be protected from creation, in motion and at rest.
Info Security PG: What security prediction would you make for the next 12 months? Why?
Yoran Sirkis: We expect that mobile malware will continue to grow with a sharp increase in attacks against end users. At the same time, privacy regulations as they relate to internet security will likely grow too.
In addition, individuals, not just enterprises, will be looking for ways to protected their communication and data found in email, the cloud and online interactions from known and unknown threats.
Info Security PG: What three pieces of advice would you give to Fortune 500 CISOs?
Yoran Sirkis: First, I would make certain that Fortune 500 CISOs completely understand that the boundaries of their organizations do not exist anymore. Accordingly, we believe that you must protect the data and the files that data is stored in when they are in motion or at rest and especially on any device or location.
Second, I would impress upon Fortune 500 CISOs as well as any C-level security executive that Security should be seen as a business enabler and as such should be easy to use and manage.
Finally, risk mitigation is a long term process and not an ad hoc solution.
Company: Covertix 4 Yad Harutzim Street, Kfar Sava, 4464102, Israel
Founded in: 2009 CEO: Yoran Sirkis Public or Private: Private Head Office in Country: Israel Products: SmartCipher Company’s Goals: Help enterprises protect their sensitive and confidential information both inside and outside the organization Key Words: File-level data protection
JOIN NOW THE CYBER SECURITY WORLDWIDE COMMUNITY ON LINKEDIN