The volumes of data available to security managers across organizations are reaching levels that are becoming unmanageable. Even though there are analytical systems in place to make sense of the information, there’s still far too much to look at.
As the notion of the “walled garden” continues to be just one approach that many security professionals have traditionally taken, having an inside-out view of the activity surrounding critical assets is just as important. But that’s also where the flood of information about valuable data comes in.
Using this as the basis of the problem they’re looking to solve, the two security experts have recently looked to armored cars as solution. No, not storing troves of valuable information within a moving steel vehicle, but rather, making parallels between the logistics process of an armored car and how many approach information security today.
“When you think about how the armored car world works, the logistics process is really designed to be trustless,” Christopher Ensey, chief operating officer at Dunbar Cybersecurity told Infosec Insider during a recent video interview at InfoSec World 2017 in Orlando. “So we really started to dig into the way that we do information security today, and that logistics process made a lot of sense to model.”
Teaming up on research with David Etue, vice president of managed services at security firm Rapid 7, the two found the logistics process that armored cars follow was a great example of leveraging a trustless environment in order to put gates in place that cut down exposure as much as possible. In turn, this provides security managers with visibility into the things that matter and the valuable assets they ultimately want to track.
“When we started this research there wasn’t really a term that was established in the normal language we use in information security,” Etue said. “We came up with secure data logistics as a way to describe this entire process. The mapping and the tracking of sensitive data throughout its entire lifecycle.”
With the overabundance of information readily available for security and risk departments today, many aren’t leveraging it in ways that can help further secure the network. But by adopting the mindset highlighted by Ensey and Etue, it can be both efficient and cost effective.
“The beauty of this is, if you take this mindset you can go make progress today in your SIEM or log management, or incident response processes, without investment in new areas,” Etue said.
In our recent video interview with Ensey and Etue [above], the two discuss their work on secure data logistics and why security managers should adopt a similar model when developing their security strategy.