Back to Basics in Information Security

by Michael Smith (Veshengro)

Complexity heralds return of ‘back to basics’ approach in 2019 for information security professionals according to Infosecurity Europe poll and more than half (55%) of respondents say they plan to ‘go back to basics’ while 45% reveal they will invest in more technology

It appears that many organizations will begin the New Year and the new financial year by reviewing their security infrastructure and taking a ‘back to basics’ approach to information security. This is according to the latest in a series of social media polls conducted by Europe’s number one information security event, Infosecurity Europe 2019.

Asked what their ‘security mantra’ is for 2019, more than half, that is to say 55%, of respondents say they plan to ‘go back to basics’ while 45% reveal they will invest in more technology. According to Gartner, worldwide spending on information security products and services is forecast to grow 8.7 per cent to $124 billion in 2019.

When it comes to complexity, two-thirds believe that securing devices and personal data will become more (rather than less) complicated over the next 12 months. With Forrester predicting that 85 per cent of businesses will implement or plan to implement IoT solutions in 2019, this level of complexity is only set to increase with more connected devices and systems coming online.

However, many organizations will be looking to reduce complexity in their security architecture this year by maximizing what they already have in place. According to Infosecurity Europe’s poll, 60 per cent of respondents say that maximizing existing technologies is more important than using fewer vendors (40%).

If they'd really be honest about this then most of it would go back to paper and the filing cabinet as has, to a great extent with highly sensitive information, the Russian FSB and other of their security agencies have done.

It is easy to steal hundreds of thousands and more of electronic data with a simple click, a USB stick, and a little transfer time, and at times, via hacks, no direct physical access to the machines is actually needed. Stealing some locked filing cabinets, on the other hand, is a different task altogether and might require a truck or two. They, generally, do not fit into the palm of the hand.

Data theft is but one issue, however. They other, as far as digital infrastructure is concerned, is unauthorized access with the aim of manipulating data, erasing data, or even disrupting whatever operations the systems run, including power distribution, air traffic control, etc.

We have become, and this is not the first time that I am stating this, far too reliant on computers and especially the IoT (Internet of things). There was a time we were concerned that our homes, especially those of us where that was a concern, might be bugged. Today we invite the bugs right into our homes and offices. Do you really know what Alexa and Siri are listening to? Who or what your web-cam may be watching? You Internet-connected monitor in your child's room may be hijacked and the images being viewed remotely. Even your remote-controlled alarm system at home and business premises is hackable.

Let's get truly “back to basics” in data security and digital security and keep a much tighter check on what information we hold on potentially hackable systems. Let's remember all digital systems are hackable, it is only a matter of time, and that time is not written in days or hours even but can be minutes to but seconds.

© 2019