Why we still need infosec's weakest link

Many agree that the weakest link in security lies with the end user, but, according to Check Point information systems vice president Jorge Steinfeld, you still need people for security if you don't want your business to grind to a halt.

Many agree that the weakest link in security lies with the end user, but, according to Check Point information systems vice president Jorge Steinfeld, you still need people for security if you don't want your business to grind to a halt.

(The Weakest Link image by bigcityal, CC BY 2.0)

Steinfeld said that when it came to data loss-prevention (DLP) software suites, automating the entire process was an easy way to disrupt a business and create chaos.

"Some of the companies that are in the security arena are trying to define very sophistic algorithms to recognise what is the type of information that you are sending out and try to define rules to block this information or log this information.

"This type of trend doesn't work. I have colleagues that are implementing DLP solutions that actually could not implement any blocking rule, because [they] stopped business five minutes after the blocking rules were implemented."

He said that what normally happens is that everyday business transactions, which often involve sending sensitive data to external parties, such as outside lawyers, customers, analysts or perhaps accountants, are being blocked by automated algorithms.

"They got phone calls from every business unit, saying, 'Hey, I need to send this contract to a third party.'"

Steinfeld said that security companies often downgrade their systems to a purely logging state as a workaround, but that this creates further problems. He said that it takes even more resources to continually comb through logs to look for anomalies, and even if such searches do find something, the company's sensitive data will have already been lost.

He said that the responsibility must be shifted to the user; instead of technology being used to make decisions for them, it should be used to highlight what they're sending, and ask them if sending such information is the right decision.

"By moving into that direction, it's much more effective."

Steinfeld estimated that in about 60 per cent of cases, users are examining information and choosing not to send the information after learning exactly what they are sending.

Fortunately, according to Steinfeld, Australia is a much more security-conscious nation than others.

"I think the level of attention and awareness of security in the Australian market is very high, and I think it is very good."

Check Point Australia and New Zealand managing director Scott McKinnel said that this was because the Australian financial institutes are heavily targeted, even more so than in the US, and that had forced them to pay greater attention.

"In the US, they have a fragmented banking system. They don't have the 'elephants' like [we] do here. Here there's only four major banks that control 92 per cent of the [financial sector]," McKinnel said.

According to him, that makes for a generally more secure nation, as the banks' experience is shared across industries.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All