By Luca Rognoni, Chief Security Officer and Co-Founder, YEO Messaging
Cyber threat landscape has dramatically expanded in recent years due to an exponential increase of interconnected devices, systems, infrastructures inside and outside an organisation. New IT technologies means new cyber threats to assess, extended organisation network perimeters, new attacking surfaces to defend, new attacking vectors to be aware, reduced margin of error in cyber risks evaluation, but along with the increasing number of cyber threats also the amount of processed, transmitted and stored data has increased in any organisation.
Providing confidentiality and integrity of data in transit in this fast-growing cyber threat landscape is more critical than ever in an organisation’s cyber defence strategy, and secure communications play a key role in preventing data breaches and other cyber attacks.
A secure communication involves several components including: encryption, authentication, authorisation, integrity, non-repudiation. Encryption plays a crucial role in protecting confidentiality and integrity as it is a data security control that can be applied to the data when it is in all three different states of its lifecycle: at rest , in transit and in particular scenarios, to data in use too. In a layered security model, encryption is a direct information-protection technique that perfectly integrates in a defence-in-depth approach to data security.
Authentication and authorisation mechanisms ensure that only authorised personnel can access sensitive data. Authentication and authorisation have evolved into identity and access management systems allowing an organisation to ensure that only authorised individuals or entities are granted access to resources and determining what the individual or the entity is allowed to do based on their role or permissions, creating segmentations or isolations of systems, workspaces and personnel. A segmented approach to data access reduces escalation and impact of data breach. Identity and access control systems provide a comprehensive set of frameworks to enhance authentication and authorization through MFA, Contextual authentication, Single Sign-On and Federation.
Integrity of data ensures that the information transmitted is not tampered or altered during the communication and non-repudiation proves the authenticity of the data and the identity of the sender.
Looking at the cyber risk landscape of an organisation, mitigation of data breach for data in transit is one of the most important defence challenges that an organisation has to face as it involves several organisation areas through which data travel through, within and outside the organisation perimeter.
Fast emerging threats involving supply chains can be mitigated and the impact reduced with secure communications. As organisational data is moving within and outside of the network perimeter, passing through several organisations and infrastructures in complex supply chains, often difficult to risk assess completely, a direct information-protection technique like data encryption, policy-based access control and continue monitoring allow you to establish secure communication for data transfer, mitigating severe data breach along these long supply chains where data visibility is often reduced or lost at the edge of the organisation network perimeter. Secure tunnelling protocols like VPN (IPSec, WireGuard) using on-premises or cloud VPN proxy are fundamental to providing site-to-site secure connection between multiple networks. A secure supply chain management can rely on secure data exchange protocols like AS2/AS4, OFTP2 that provide strong security and flexibility in a B2B environment. Traditional S/MIME, SFTP, HTTPS and E2EE are still the solid foundation for secure communication of emails, web content and data exchange in general.
Cloud services from SaaS to IaaS are the lifeblood of any organisation but they also force the organisation to extend the defence perimeter outside where on-prem risk mitigation strategies are not applicable. Secure communications between organisation and its cloud infrastructures protect ingress and egress data traffic from sensitive user data to management plane network traffic. VPN protocols and VPN gateway services secure management plan network traffic, Secure Web Gateway, CASB and DLP creates secure communications to/from cloud infrastructures by enforcing organisation security policies and visibility in the everyday network traffic detecting and preventing data leak, policy violation and malicious content.
On-prem data traffic in particular north-south network traffic should always require secure communications implemented by segmenting networks and using firewalls and access control policies to control access to sensitive data. Internally to organisation the most difficult threat to mitigate a data leak, unintentional or not. Secure communications limit access to data and provide accountability and monitoring through DLP (data loss prevention) and Secure Web Gateway solutions that can monitor communication channels for sensitive data and prevent it from being shared with unauthorised parties, allowing secure collaboration solutions to be deployed to help organisations securely share data and collaborate on projects without exposing themselves to the risk of cyber attacks. Secure communication can protect email messages by encrypting their content, using digital signatures to verify the sender’s identity, and scanning email attachments for malware.
With the recent pandemic, remote or hybrid working environments have increased. They provide great flexibility and cost efficiency but they also expanded the attacking surface for an organisation, the defensive network perimeter of the organisation extends beyond on-prem or cloud infrastructures to remote worker infrastructures and networks, increasing the organisation inbound and outbound traffic of sensitive data. Secure communications are critical to protect and monitor confidential data like emails, video/audio conferences and now messaging. Secure communication is critical for mobility and can be implemented on mobile devices through the use of end-to-end encrypted and continuously authenticated secure messaging apps like that we designed and developed at YEO messaging, encrypted email protocols like S/MIME, mobile remote-access VPN and organisation managed Web-Application proxy and Secure Web Gateway.
Secure communications are essential for organisations that need to comply with industry regulations such as HIPAA, PCI DSS, or GDPR. These regulations require organisations to protect sensitive data and maintain secure communication channels to prevent data breaches by implementing secure communication protocols that provide end-to-end encryption, digital signatures, access controls, and other security features.
Finally, secure communication is a critical component in an organisation’s incident response plan. The plan should provide steps that should be taken in the event of a cyber attack, including how to maintain secure communication channels to prevent further data breaches and to continue to provide safe internal and external communications between incident response teams, executive management, legal counsel, law enforcement agencies, and other third-party vendors or consultants to quickly and securely facilitate coordination and collaboration between all parties involved.
About the Author
Luca Rognoni, Chief Security Officer & Co-Founder YEO Messaging, secure messaging that uses patented continuous facial recognition to authenticate users. Luca is a highly experienced software engineer, with over 25+ years experience in design and coding digital rights management (DRM), anti-virus, encrypted systems and other security software. He started his career as a software and hardware reverse engineering and device driver developer on Microsoft and Linux platforms back in 1999, with a focus on file system filter and network filter drivers. This gave him a strong foundation in developing core system software with interesting security applications, which sparked his interest in developing antivirus and anti-malware solutions.
Luca then moved into developing antivirus and anti-malware kernel engines and DRM solutions for software and data, including the DRM solution used by Microsoft Game Studio to protect Windows PC games, mobile security software development and penetration testing.
Luca Co-Founded YEO Messaging in 2017 and is responsible for developing YEO’s internal security, penetration resistance and global threat tolerance. YEO is available for business and individual users who want to know that the messages, files and media they share are secure, private, and only being viewed by the intended recipient, whether that’s a private picture or sensitive documents. As well as end-to-end encryption and geofencing features, YEO is the only app of its kind to use continuous facial recognition to verify not just the device, but the person looking at it.
Luca can be reached at Luca@yeomessaging.com and at our company website www.yeomessaging.com
Source: www.cyberdefensemagazine.com