Over the past several years, significant attention has been devoted to context-based information security writes Dave Clemente. This can be thought of as situational awareness that allows for more accurate security decisions. This fits into a larger trend of network situational awareness, and involves words such as intelligence and behavioural analytics.
There is little new about these terms and approaches. However, context-based information security is becoming more important, as cloud and mobile computing erase previously rigid network perimeters.
In addition, advances in data generation, collection and analysis are allowing networks to respond more intelligently to fast-moving or unexpected situations. This is helping companies with access and identity management (for example, is user X behaving unusually on my network?) and banks to reduce fraud (for example, does customer Y usually make purchases at 3am?).
The algorithms that underpin these systems are improving, and larger amounts of historical data are allowing for more finely calibrated context decisions.
Read more about context-aware security
However, this is not just a technical issue and the human element is a core part of the problem and the solution. After all, a human must decide what constitutes anomalous behaviour and design algorithms accordingly.
A recent ISF report addresses this challenge and looks at methods for moving employees beyond basic security awareness and towards behavioural change. In addition to improving general security behaviours, one recommended action in particular, making systems and processes as simple and user-friendly as possible, will improve context-based information security, by reducing the number of false positives generated when people circumvent security procedures to more easily accomplish daily tasks.
Context-based security is here to stay, and more intelligent networks are a natural response to growing complexity. It is time to think about the solutions your organisation needs and invest accordingly.
Dave Clemente is a senior research analyst with the Information Security Forum (ISF)
This was first published in March 2014