International Cyber Expo International Cyber Expo
  • About Us
Saturday, 11 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

User Isolation Protection: Stop Reacting and Get Back in Control

Organisations need to rethink the purpose of their approach to Information Security

by The Gurus
May 11, 2020
in Guru's Picks, Opinions & Analysis, Uncategorized
Home
Share on FacebookShare on Twitter

By Kevin Bailey, Managing Director & Principal – Security Research at Omnisperience 

When I look back at the cybersecurity industry, in the early 2000s it involved a few hundred vendors battling for their share of a ~$750 million market. The hacker was motivated by the chase and notoriety rather than monetary rewards. Fast forward to 2020 and sophisticated hackers have now established a matrix structure comparable to multinational corporations with the discipline, skills, diversity of products and a capability for R&D that delivers a conveyor belt of disruption, damage and a deficit to their targets.

Over the years the security industry has provided solutions to every known attack surface perpetrated by cyber criminals – swelling global revenues of the cybersecurity industry to $248 billion in the process. Yet continual data breaches, identity thefts and ransomware attacks clearly show that many of the solutions provided are really defensive in their design – meaning that organisations are playing catch up and second-guessing attacks as cyber-criminals have turned the tables from 20 years ago, utilising their skills and acquired data to control the narrative. To combat the sophisticated and industrialised approach to cyber-attacks that we are seeing, organisations need to rethink their approach and, importantly, the purpose of their approach.

The importance of data

Whatever the end game, it’s all about the data: both its value to businesses themselves, and its value to adversaries to guide and enable cyber-attacks.

Digital platforms have overtaken physical interactions in our connected world, vast datasets have been amassed that combine business, personal, location, financial and health data (amongst others). Not only is data the honeypot that cyber criminals seek, it’s also the starting point of any attack strategy, because it provides the intelligence needed to attack businesses and individuals.

Data is the starting point of any attack strategy, providing the intelligence for entry to businesses, while also inflicting [a digital] hurt on a user (the individual). User’s meanwhile are inherently the most fallible digital cog in the machine and cannot always be relied upon to follow processes and procedures. When a user is duped into sharing their data, they initiate a cause-and-effect event, once more relinquishing control.

So how can we start to get back control of our data and be confident in the interactions of platforms?

If everything the user does leads to the potential loss of data control, surely the best thing to do is to securely isolate the user – using technology to minimise their interactions, without compromising their ability to engage.

The criticality of the Air-Gap

To secure data it’s important to identify the ‘Air-Gaps’ – those places where the user needs to interact or make a decision during engagements. Two of the most obvious are:

  • the Access Layer – what can I use? (device), am I the user? (authentication) and what can I do? (permissions)
  • the Execute Layer: where can I go? (operation).

Both these layers have clearly visible and known Air-Gaps and opportunities for the cyber-criminal. Closing the Air-Gaps means closing down the ability of cyber criminals to gain access to platforms and data. New and proven technologies exist today to do just this. It is curious therefore why organisations are not embracing these more proactive products that focus on protecting both the user their experience and data, rather than relying on traditional reactive cybersecurity methods.

Introducing User Isolation Protection

User Isolation Protection is a new security category whose purpose is to allow seamless digital engagement while proactively securing the user and their data from cyber abuse. I acknowledge that there are many other areas that are critical to securing operations and hunting down cyber criminals. UIP does not advocate throwing everything away and starting again. What is does though is increase an organisation’s focus on the weakest link – the user – and clarify its purpose which is to protect the user from their own fallibility and the machinations of cyber criminals while not slowing the user down or reducing the effectiveness of the user. In other words, it is essential that the approach is not just effective but is unobtrusive.

For more information on this new approach, see the Omnisperience Green Paper: ‘Introducing a New Cybersecurity Category: User Isolation Protection’.

 

 

 

 

 

Share1Tweet
Previous Post

Personal data of four million dating app users hacked

Next Post

YouTube channel descriptions conceal Astaroth malware

Recent News

Cyber Shield

UK Government Unveils AI Powered Cyber Shield to Strengthen National Cyber Defense

July 10, 2026
KnowBe4 phishing by industry

Healthcare, Hospitality and Construction Named UK’s Most Phishing-Prone Industries

July 10, 2026
hand typing on keyboard

CitrixBleed 2 exploited in repeatable attack chain culminating in DragonForce ransomware, researchers find

July 9, 2026
malware

Huntress Uncovers ‘Vibe-Coded’ Malware Used to Map Active Directory Environments

July 8, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol