January 10, 2018 | Written by: Dejan Vukovic
Well, it should be me – the one who owns my data. But is this really the case?
A couple of days ago during a coffee break, I was talking with a friend of mine who was just moving to a new apartment. He had just finished all the paperwork and received the keys to his new flat while his family was still in another country. They were waiting for him to set everything up so they could move in as seamlessly as possible. He wanted to surprise them, which is why he was the only one, apart from the public service companies providing water supply, electricity, utilities etc., who knew their new home address.
Upon arrival at their new home, they were quite surprised because their new mailbox was already full even though they hadn’t informed anyone about their new address yet. A lot of promotional material was already there and it was addressed properly to all four family members. Even though it was nice to know where the nearest gym and the playground for their young son are, or where his daughter can master her violin skills, it was still quite frightening that all those companies knew so much about the family and that they had acquired all this information without their consent.
It is obvious that in this case, utility companies “sold” their data to third party marketing agencies.
Is there any analogy in digital cyberspace? The majority of us have had, at least once in our lives, the opportunity to download an application to our smartphone or tablet. Have you ever asked yourself, while downloading a FREE game or a FREE application that will help you learn how to tie a tie, or any other FREE app, why it asked your permission for access to your phonebook and GPS data, or your pictures and videos? Well, the answer is that nothing in this world is FREE. If the application is FREE, it only means that it is not the app that is the merchandise – it is you, or more specifically, your data that is on sale.
And this is just the beginning. Every day, someone asks us to provide our personally identifiable information – PII – from different government and public entities to enterprises and utility companies. To be clear, there are situations when those organizations need certain information from you and have the right to acquire it. However, there are many cases when they ask people to provide many more details than they really need. Still, some questions remain open – can we be 100% sure about how they are going to use this information? How safe is our data with them? How are they protecting our data from being misused by someone with malicious ideas? Can we be sure that the companies control or at least monitor who is accessing our data and what they are doing with it?
Those questions were also posed by one of the regional telecommunications service providers in Southeast Europe when they decided to invest in data protection. The idea behind it was to find out where they were storing sensitive data, then to monitor access to the sensitive client information, determine whether the person accessing it has the right to do so and, if not, to block their access or even to mask the sensitive parts of the information. Since this was an international company, they were obliged to follow different national laws regarding data protection. In this regard, IBM Guardium was the perfect match for this challenge because the company wanted a state-of-the-art solution that would once again confirm their commitment to keeping client satisfaction as a top priority.
The same questions were also bothering a central IT government agency in Croatia, APIS IT, when they decided to invest in data protection. APIS IT wanted to be sure where citizens’ sensitive data is stored, then monitor who is accessing the sensitive information, whether they have the right to do that and, if not, to block their access or even to mask the sensitive part of the information, such as citizens’ ID numbers. APIS IT wanted a solution that would confirm the agency’s commitment to keeping citizens’ data safe as a top priority, and the agency turned to IBM Security.
Overall, the good news is that we enjoy nominal protection through legislation – national security information laws, PII data protection laws etc. At the EU level, there is the General Data Protection Regulation (GDPR) that will become enforceable on 25 May 2018.
Considering all of the above, most companies still need to adopt fundamental solutions regarding security. While speaking with IBM clients over the past years, I have noticed that there are still different issues that clients face, such as basic logging, adding another tool, ignoring privileges, failures to identify critical data, not getting value from the deployed tools, no incident response plan etc.
Why is it so hard? There are a couple of reasons.
First, companies are overloaded with data – usually they need more than 200 days to detect a breach.
This was the case with a number of companies in Southeast Europe, which were overloaded with data and were therefore faced with the challenge of finding relevant information in the overall noise. Even though they come from different industries, a common problem for UniCredit bank, the Central bank of Serbia, a power utility company and numerous national government entities and institutions in Southeast Europe was the ability to handle an extremely large amount of information, to correlate all data in real time and to focus on the data crucial for a security reaction. They chose the IBM QRadar platform to help them understand what is important in this sea of information. It is not only about monitoring for security alerts; the aim is to know what to do at the right moment.
For most of them this was a basic element in building a Security Operation Center (SOC) – QRadar is the intelligence, eyes and heart of their SOC.
Second – “mind the gap”. A common issue for most companies is a gap in terms of skilled security resources. It is expected that by 2020 there will be 1.8M unfilled jobs in the cyber security sector(1)!
A company in SEE that supplies natural gas through pipelines to residential and commercial customers was in a similar situation, as they were searching for an alternative solution that would help them to close, or at least to decrease, this gap. The path they chose was building on cognitive bricks – artificial intelligence delivered through IBM QRadar Advisor with Watson. The idea was to provide them with an expert assistant, or an advisory capability, so that they would be able to leverage all human-generated knowledge and make their security staff more efficient and more knowledgeable. QRadar Advisor with Watson is used by security staff in order to shorten the time they need to investigate incidents – from days or weeks to hours or minutes.
Finally, companies have an issue with tooling complexity – for example, I discovered that one bank was using 85 different tools from 45 security vendors.
Not surprisingly, with each added tool, the costs associated with the installation, configuration, management, upgrades and patches continue to grow. And with the skills gap plaguing the industry, the necessary expertise is not always available, so it is easy to see how more threats continue to generate more vendors, more tools — and more headaches.
The expanding security arsenal of fragmented, disconnected point products has added a lot of complexity without significantly improving the overall security of the organization. The result? A bloated infrastructure that makes it more difficult to monitor the entire network, often leaving security teams to operate in the dark.
That is why we say it’s time to take a more holistic view of your security portfolio. The IBM Security immune system is a fully integrated approach that allows its components to grow and adapt within the infrastructure—working together to improve their effectiveness, so they can deliver intelligence, visibility and actionable insights across the entire system.
IBM monitors 35 billion security events per day for 17,500 clients in more than 133 countries. By combining the security immune system with advanced cognitive computing, we allow organizations to continue innovating while securing their most critical data and processes.
And to return to the initial question… It seems that the most important question is: How is my data protected?
1) The 2017 Global Information Security Workforce Study: Women in Cybersecurity, March 2017
*The information in this blog is provided “as is” without warranty of any kind. The referenced IBM products are warranted according to the terms and conditions of the agreements under which they are provided.