4th May 2020
Omnisperience, the leading independent analyst and advisory firm focused on the B2B Telecoms Service Providers, their Vendors and Customers, has outlined a new cybersecurity category that focuses on the biggest risk that businesses have – the behaviour of their users. In its new green paper,
‘Introducing new cybersecurity category: User Isolation Protection’, the firm argues that optimising cybersecurity effectiveness requires businesses to make protecting users and their data their primary purpose.
Despite the best efforts of cybersecurity professionals and vendors, businesses are increasingly in the cross-hairs of cyber criminals, who are focusing on ever-more lucrative targets. Since the COVID-19 crisis began, the risk to businesses has substantially increased, due to more people working from home for the first time, businesses redeploying cybersecurity staff just to keep the lights on, and a wide range of new, unfamiliar and untested technologies having been ingested by businesses.
As is always the case, humans remain the weakest link in the cybersecurity chain. They want to connect from more places, to more things, and don’t want onerous security checks to slow them down. They’re also fallible and prone to making mistakes. It still only takes one employee to fail to spot a spear-phishing scam or visit a malware-contaminated platform to compromise an entire network. At risk is data, money, reputation and significant fines as a result of not complying with hard-hitting regulations such as GDPR.
Omnisperience argues that companies need to evolve beyond traditional approaches to cybersecurity that focus on features and single risk areas. Instead, they need to realign offerings around a new purpose, which is to protect the most vulnerable target of attacks – the user. By protecting the user, and making security intuitively and automatically part of the user’s digital experience, companies can move from mopping up breaches and firefighting cyber-attacks to proactively preventing future incidents that critically damage data, systems and businesses.
Omnisperience calls this User Isolation Protection (UIP), which involves securely isolating the user without compromising their capability to engage with their chosen platforms or systems. This new category does not invalidate current cybersecurity offerings, but rather it makes them more effective by clarifying their goal and purpose. This helps companies identify where they have gaps in their current cybersecurity estate and informs their purchasing of new technology.
“Until now, cybersecurity has largely been adopted and enriched retrospectively and reactively in response to an incident, with individual products focused on specific points of risk,” says Omnisperience’s Kevin Bailey. “Omnisperience advocates that by clarifying the real purpose of cybersecurity approaches and focusing on the most vulnerable point of entry – the user – cybersecurity offerings can be utilised more effectively and new technology can be adopted more confidently”.
Bailey goes on to say that for cybersecurity approaches to be optimally effective they have to be comprehensive and non-intrusive, as cyber criminals will use ‘Air-Gaps’ to attack users and humans being human will find workarounds or become frustrated if security provisions are too onerous. He continues: “The new UIP security category does two important things: it clarifies the purpose of the industry’s approach, which is to protect the user, and it emphasises the critical requirement for optimal efficacy which is the need for cybersecurity to be user-friendly and unintrusive”.
Key facts for editors
- Omnisperience defines UIP as follows: “User Isolation Protection is a security category whose purpose is to allow seamless digital engagement while proactively securing the user and their data from cyber abuse”.
- UIP combines many of the existing features found in current cybersecurity and information security protection but clarifies the purpose of solutions and requires that interactions with the security solution should be as non-intrusive as possible for the user – whether that is directly or indirectly non-intrusive.
- UIP protection involves utilising a UIP bridge which enables seamless digital engagement while simultaneously and proactively securing the user and their data from cyber abuse. The UIP bridge adopts a ‘first-point-of-access’ methodology that maintains basic principles for the device, the platform and the ability to interact.
Blog: Introducing a new cybersecurity category – UIP
Picture of Kevin Bailey:
Omnisperience is an analyst and consultancy firm that specialises in the telecoms, media and technology (TMT) sector, focusing on helping digital service providers deliver better services to their customers. Based in the UK, Omnisperience’s analysts are experts in telecommunications, data security, information management, IoT and Cloud, as well as how digital technology applies to key industry verticals such as automotive, food & beverages, hospitality, manufacturing, media, mining & minerals, oil & gas, pharmaceuticals, professional services, retail and travel & transport.
About Kevin Bailey
Kevin is the subject matter expert and practice lead for security and storage. He previously led IDC’s security practice and has worked for a range of major brands in the security space, as well as innovative start-ups. He is a judge for the GSMA’s GloMo Awards for security and identity management.
For more quotes, information or an interview, or to request a custom written story, please e-mail our Editorial Team.