Preempt Blog

The latest insights and advice to keep your company protected from insider threats and breaches

RSA Conference 2020: The Human Element

Every year, thousands of experts and pioneers descend upon the annual RSA conference to share and learn about what lies ahead in the cybersecurity world. In 2020, the main theme for the RSA conference was ‘Human Element’.

At Preempt, we believe an organization’s workforce is part of the security fabric. Even though your employees take part in enterprise security passively, it should be made easy for them to actively maintain a strong cybersecurity posture. Here are the top 5 guidelines that Preempt recommends when it comes to managing the ‘human element’ in enterprise security.

  • Every Human is an indicator. It is important to capture the ‘Human’ feedback and use it to improve fidelity. For instance, MFA results are one of the high-quality indicators that are constantly ignored by today’s security systems even though they provide us with more accurate output. It is one thing for an algorithm to train itself and understand what is normal and what is not, but if you combine that with a high-fidelity indicator, the algorithm becomes more robust. This ‘Human Element’ feedback (approval or disapproval of access) increases the accuracy of the algorithm when it evaluates whether an access is to be trusted or suspicious.
  • Zero Friction vs Zero Trust. While Zero Trust resonates with many, the message can be misleading for some. Zero Trust is all about not trusting the ‘Human Element’, which sometimes creates friction in the user experience. At Preempt, we always recommend a Zero Friction approach. We help organizations smooth out hindrances for the ‘Human Element’ and control the friction. That way, friction in the form of MFA or blocking access is introduced only when there is a strong indicator of a high risk of compromise. I believe this paves the way for a future of seamless authentication experience.
  • Empowerment to the Human Element. The processes that have been put in place to grant or prevent access requests are essential, but they are cumbersome and not enforceable most of the time, which is why employees find ways to bypass them. With Preempt, our customers can offload some or all of the decisions to the workforce based on security rules, threats and risks. Employees decide whether to approve access to resources they do not normally access. While it is possible to segment highly restricted resources or identities, such a security architecture can streamline access management and save time, so admins can deal with more important matters than noise.
  • Make security personal. At the end of the day, machine learning, AI and other advanced technologies help us make security personal. We do not have to apply the same rules to everyone. The rules can now be adaptive and tuned to the individual user’s identity behavior and risk profile.
  • More control to the operator. Machine Learning rules are sometimes considered a black box where a specific input produces an output, with no control over what happens inside. At the AI Security Alliance panel at RSA 2020, everyone concurred that the machines are indeed biased and that this is a hidden risk – the risk that comes with the slow drift in bias. This drift will make us lose track of the bias, leading us to think that this is normal, according to Kapil Raina, VP Marketing at Preempt and Chair of AI Security Alliance. The ability to get transparency and access to the parameters of the ML algorithms used can help detect and even correct this bias. Ideally, over time, there will emerge an industry standard for measuring this drift and a baseline “normal” for specific scenarios.

At Preempt, we believe that security systems should be ‘hands-off’, but in the meantime operators should have control to tune detection rules when needed.

Topics: Conditional Access

Posted by Eran Cohen on March 17, 2020 4:46 PM
