The Mercury - - OPINION & ANALYSIS - Meerah Ra­javel Meerah Ra­javel is For­ce­point’s chief digital in­for­ma­tion of­fi­cer.

AS THE CHIEF digital in­for­ma­tion of­fi­cer (CIO) of For­ce­point, a global hu­man-cen­tric cy­ber-se­cu­rity com­pany, I get ex­posed daily to ven­dors try­ing to sell me a mul­ti­tude of tech­nolo­gies. Some come from across the coun­try, while oth­ers sit just a few of­fices away in the same build­ing.

While I have, of course, im­ple­mented many For­ce­point so­lu­tions, there is noth­ing com­pelling me to do so. I have the free­dom to choose the tech­nolo­gies that work best for my en­vi­ron­ment and pro­tect the com­pany.

My chief in­for­ma­tion se­cu­rity of­fi­cer (Ciso) and I of­ten have con­ver­sa­tions around the types of tech­nol­ogy we want to bring in, and one of the most im­por­tant things we look for are prod­ucts and so­lu­tions that help me do more with less, and that of­fer su­pe­rior ef­fec­tive­ness and ef­fi­cacy.

As with many other or­gan­i­sa­tions of our size, scal­ing in­ter­nal se­cu­rity an­a­lysts to match the rate of grow­ing threats, while not com­pro­mis­ing the speed of res­o­lu­tion, is a chal­lenge.

Any se­cu­rity so­lu­tion that can help to sep­a­rate the sig­nal from the noise – ei­ther by re­duc­ing the num­ber of alerts or help­ing the an­a­lysts to fo­cus on in­ves­ti­ga­tions – that’s what I want to pri­ori­tise.

When the prod­uct team at For­ce­point started shar­ing this con­cept of Dy­namic Data Pro­tec­tion and how it could start to trans­form se­cu­rity pos­tures, it piqued my in­ter­est, and we stayed close to the so­lu­tion. As the team got closer to bringing this ca­pa­bil­ity to mar­ket, I jumped at the op­por­tu­nity to be Cus­tomer Zero. The prospect of us­ing an­a­lyt­ics to es­tab­lish in­tent and help in­form en­force­ment was some­thing that hit on all my pri­or­i­ties.

I was de­lighted to be able to share our story re­cently at the RSA Con­fer­ence in San Fran­cisco in a talk ti­tled Ex­tend­ing Be­havioural In­sights into Risk-Adap­tive Pro­tec­tion and En­force­ment, and I’ve cap­tured some

We’re still pretty early on in our de­ploy­ment, but in­di­ca­tors show that we’re scratch­ing the sur­face of un­lock­ing the po­ten­tial of this ca­pa­bil­ity.

em­ployee pop­u­la­tion – who seemed very re­cep­tive. Trust is key for the suc­cess of a hu­man-cen­tric se­cu­rity pro­gramme, and trans­parency goes a long way.

The next step was to iden­tify the risk poli­cies we wanted to move from be­ing static to dy­namic and risk-adap­tive. We have cho­sen to mi­grate many of our poli­cies to the new frame­work, but don’t nec­es­sar­ily want to make them all vari­able re­lated to the risk level of the in­di­vid­ual. There are many poli­cies re­lated to com­pli­ance reg­u­la­tions, such as Gen­eral Data Pro­tec­tion Reg­u­la­tion, and sen­si­tive data that we want to en­sure will be blocked from data ex­fil­tra­tion.

For those poli­cies, we will se­lect an ac­tion plan that “blocks all”, re­gard­less of risk score. We be­lieve these ac­count for about half the ex­ist­ing poli­cies. For the re­main­der, we be­lieve ad­di­tional con­text can help in­form the en­force­ment, and we can add more gran­u­lar­ity around the ac­tion plans. Our cri­te­ria in­cludes con­di­tions where we be­lieve hav­ing more in­for­ma­tion about the be­hav­iour of the

Newspapers in English

Newspapers from South Africa

© PressReader. All rights reserved.