The relative risk of cyber-attack for any organisation is influenced by the perceived value of the data it holds. Risk will vary by industry, with financial and healthcare data fetching a premium, but a range of other factors contribute to your overall risk profile. These are what security experts call “attack vectors”.
What makes your organisation an attractive target for cyber-criminals? A few thrill-seekers aside, most hackers are in it for the money. Sensitive information can be exploited for financial gain and stolen data changes hands for significant sums across both the dark web and more mundane file-sharing apps.
The volume, sensitivity and commercial value of data it what makes it so appealing. However, ease of acquisition is also high on the average cyber-criminal’s agenda. With this in mind, it’s important to note that an organisation’s IT infrastructure and choice of cybersecurity technology will determine how easy it is to hack.
The Breach Level Index shows that social media and hospitality industries suffered more than most last year – accounting for two thirds of all lost or stolen data records in 2018. These sectors are exposed to greater risk than most, because of the sheer volume of users and the “access anywhere” nature of the services they provide.
The trouble is, prevention technologies like firewalls can only get you so far. If the past ten years have taught us anything, it’s that IT and communications networks are not impenetrable. If the world was good at preventing unauthorised access, we wouldn’t see an average of six million records go missing every day.
Most organisations will have a cybersecurity strategy in place. The more security-aware ones will have a hybrid strategy that leverages a blend of prevention and protection technologies to secure both the physical infrastructure and the valuable data travelling across it.
In the event of a breach, the only way to prevent your data falling into the wrong hands is to make sure it is secured with strong and effective encryption. Those two words are really important – strong and effective. Not all encryption technologies offer the same degree of data security assurance (providing long-term data protection) and not all would pass the GDPR litmus test of strong and effective.
For the ultimate in data protection, organisations should be looking to implement high-assurance encryption, preferably certified by a reputable standards body. Designed for core IT and communications infrastructure operating at up to 100Gbps, high-assurance encryption exhibits four core characteristics. First, the hardware modules are single-purpose, dedicated encryption devices. Second, key management is embedded and accessible client-side only – not even the OEM has access to your keys. It goes without saying that high-assurance solutions should also leverage standards-based algorithms and offer end-to-end, authenticated encryption.
For wide-area networks and virtual CPE where bandwidths may be more modest, but scalability is important, organisations are increasingly turning to virtualised encryption to help secure borderless infrastructure, all the way to the virtual edge. Here again, not all solutions are the same.
Naturally, in addition to the ‘horses for courses’ consideration, there is a cost versus performance balance to be struck. High-assurance hardware is typically used for business-critical networks operating at high speeds. Its pre-determined, ultra-low latency means you get maximum encryption security without impacting on network and application performance or user experience.
Virtualised encryption, whilst not a high-assurance option, may still utilise end-to-end encryption and state-of-the-art key management to provide network managers and IT security professionals with the opportunity to cost-effectively secure thousands of links operating at up to 5Gbps. Because it is a virtual network function (VNF), the performance of your virtualised encryption solution is not pre-determined but will be influenced by the host and hypervisor configuration.
Whatever your choice of encryption technology, it needs to be fit for purpose. It needs to provide a level of data protection that makes it unattractive to malicious outsiders, plus offer simplicity at the point of use that makes it cost-effective to implement and manage.
Senetas is a global leader in the development of end-to-end encryption security solutions. Our products secure all types of networks and protect network and shared data for commercial, industrial, government and defence organisations.
Senetas solutions are single-purpose security products. Thanks to their security, performance and low total cost of ownership, our solutions are used to protect sensitive data in more than 35 countries.