Cybersecurity Predictions: Effectiveness is measured by risk reduction
In the past, security technology wasn’t as regularly tested in the “real world” as it is today. That is, breaches are happening and being publicized at a far higher rate than ever before. There are seemingly multiple breaches a week. This means the security technology behind those breaches may get 15 minutes of undesired fame and the CSO gets a meeting with her boss.
Going forward, security vendors will need to answer the question, “Does this security technology work?” Security stakeholders within an enterprise will answer the question, “Does this security technology work for me?”
In mobile security, specifically mobile threat protection, we care about stopping known malware from infecting devices, identifying unknown malware, and something called “dwell time,” or the length of time between the malware appearing on a person’s device and the mobile security technology first detecting it.
Currently, there’s a lot of misunderstanding as to what these success metrics really mean. For example, there are a number of tests out there that test whether a solution can detect known pieces of malware. Unfortunately, this kind of isolated measurement only looks at what we know and not what is still living in the shadows and, maybe most importantly, how long it takes for a security technology to detect any kind of malware once a device encounters it.
Accountability should be evident in the product as well. For example, we don’t make the assumption that individuals using Lookout Mobile Security understand the ins-and-outs of security, so we present them with education to help them understand the threat they may be facing and what they can do about it. Enterprise IT administrators, however, are experts in the field who need deeper analytics that can surface, within a half second of a threat appearing on an individual’s device, threats to the enterprise and provide the ability to act.
It’s a shifting landscape of responsibility and accountability, but a worthy shift. Headline-making breaches pack the pressure on our solutions to show they work and on enterprise decision-makers to prove they’ve reduced risk. Checking the box isn’t going to last.