author photo
By Daniel Miller
Sun | Jan 14, 2018 | 2:02 PM PST

According to Experian’s Managing Insider Risk Through Training and Culture Report, 66 percent of the data protection and privacy training professionals that were surveyed labeled their employees as the “weakest link” when attempting to safeguard their organization from cyber threats.

Whether users are negligent, careless, or simply uninformed, implementing a perimeter defense is essential to protecting business-critical data and back-end systems from the risk of cyber threats.

The most common human mistakes in cybersecurity are clicking on links, opening unknown attachments, and entering personal or confidential information into a seemingly friendly (and familiar) account. These errors are driven by social engineering, a technique utilized by hackers to take advantage of human behavior in order to successfully pull off a ruse or scam.

Social engineering a key concern

In CompTIA’s International Trends in Cybersecurity research, 52 percent of respondents felt cybersecurity issues were caused by human factors. Most cybersecurity breaches were caused due to a direct effect of users who were lured by nondescript links and payloads delivered via browsers and email, respectively.

Social engineering is not a new concept. Hackers depend on manipulation to trick people into clicking links that they should otherwise avoid in order to obtain access to their network.

The most reliable approach to establishing a perimeter defense that prevents socially-engineered attacks is to eliminate the dependency on human intelligence, which despite hours of training and intellect, is unfortunately still no match for skillful hackers.

Light at the end of the cybersecurity tunnel

Remote browser isolation technology offers a new approach to cybersecurity and safeguarding against the human factor. Transparent to users, it handles browsing sessions remotely, blocking web-borne threats from penetrating endpoints and IT infrastructure. Separating the endpoint from malicious content, browser isolation eliminates the web threat vector while ensuring accessibility and productivity.

By offering an added layer of safety to existing security frameworks, browser isolation facilitates virtual browsing sessions hosted in disposable Linux containers running in a remote safe zone, either on-premise or in the cloud. Through the integration of file sanitization capabilities, such as content disarm and reconstruction (CDR), organizations can further protect themselves from malware and other malicious payloads that are erroneously downloaded.

Abundance of cyber threats

Vulnerabilities in today’s security frameworks require a new approach, especially as the internet continues to be engrained in all facets of business operations. While connectivity and mobility present new possibilities for achieving efficiencies, they can also create security issues if not properly deployed and managed.

Hackers are smarter and more cunning and are relying on human errors through social engineering to find a way in. Last year, the global reach of WannaCry, NotPetya, and Bad Rabbit were a few reminders of how organizations were exposed.

Remote browser isolation represents the next generation of cyber defense, making it more difficult for networks to be compromised due to human error. This sentiment is also echoed by industry analysts. For example, IDC's cybersecurity report on “validating the known” further illustrates the sophistication of these solutions, and Gartner believes this technology will continue to evolve.

Hackers will have to conjure up new ways to exploit IT infrastructure, as organizations bolster their current defense-in-depth strategy by deploying remote browser isolation.

This technology is a “win-win” for organizations, as they can protect their networks and give users full access to the internet. At the same time, the centralization of safe zones and containment eliminates the need for IT to manage costly endpoint patches and software updates and greatly reduces the human factor.