10 Nov 2009
A leading security expert has warned that UK organisations need to focus more security efforts on behavioural monitoring of employees, or risk failing on data security and falling behind on the global stage.
Stuart Okin, former chief security advisor of Microsoft and now UK MD of consultancy Comsec, said the current information overload facing firms means they cannot afford to take a reactive approach.
"What we've done historically is look at the back end – tagging, archiving, encryption – essentially where the data is stored, but that strategy cannot continue with the current amount of data," he added.
"We must shift our focus to the front end – how data is accessed, who it's accessed by and what they're doing with it – monitoring the behaviour of individuals in enterprises."
Okin argued that only by combining this behavioural monitoring with more traditional security strategies that focus on securing the data where it is stored, and user education, can UK firms hope to adequately protect the vast amount of information they are handling.
He said the technology has been in place to do this for the past 18 months, and that the current economic climate should be providing extra incentive for firms to focus on this as a new way to improve the bottom line through fraud reduction.
"The US, Israel and others have really stepped up on this but we're in danger of being left behind," said Okin. "We don't understand the value of the information we have and we're not doing enough to protect the flow of that information."
Dave Rand, chief technology officer at security vendor Trend Micro, agreed that in time, IT teams would move to more proactive monitoring strategies.
"We've been talking about AI for the past 50 years, well now we have something that computers can be taught to look for, anomalous patterns – it's straightforward and simple and the credit card industry is a great example of that," he explained.
However, other experts were more optimistic about the progress UK organisations are making. Mike Maddison, head of security at consultancy Deloitte, argued that firms now recognise at a board level the importance of secure information handling and user education.
"I'm optimistic, because there's a recognition that this needs to be embedded into the day-to-day running of the business," he added.
"The role of information protection is more visible too, as is the role of risk management. You just have to look at the number of chief information security officer (CISO) roles at a senior reporting level that there are now."
However, Comsec's Okin warned that many organisations are still not set up to take on the proactive approach to information security he advocates.
He said that out of 22 CISOs he had met in the past year, only one knew the overall spending on security controls and countermeasures, because in most organisations things like network, application security or fraud protection are carried out by different departments.
"They are focused on awareness-raising, encryption, data storage and dealing with incidents as they occur," he warned. "If they are only focused on the back end infrastructure system and not talking to their fraud counterparts on a day-to-day basis, how are we possibly going to get on the front foot?"