As we discuss different challenges and techniques in security technologies, we come across multiple ways to address these challenges. Keep in mind that this is not a technical blog and this is not a technical discussion, but from time to time some technologies need to be understood by the layman. That is why I am here.
Sometimes we look at a threat and address it, but more importantly, we are entering an era in which we need to anticipate the threat before it becomes a serious problem. The old adage by hockey legend Wayne Gretzky applies here: “If you want to be good at hockey, you play where the puck is; if you want to be great at hockey, you play where the puck is going to be.”
This exactly sums up where we are today in the state of cyber security processes, technologies, and procedures. Many companies today have a preventive mindset that tells them: we are going to block all the most likely avenues into our company and then wait for the bad guys to try something. Then, when that happens, we will respond to that threat. This is known as the preventive model or the reactive model. This is fighting today’s battle with yesterday’s tactics.
Where Is The Puck?
All you have to do is look at the major breaches that have been occurring across the headlines every day and you will see evidence of this. When the average time to discover a major breach is around 4.5 months according to the Ponemon Institute, we have a problem. The hack against Home Depot took 6 months.
The great cyber bank robbery, which covered many countries and dozens of banks, took an estimated $1 billion, and took two years to discover, was an example of this. The other fact is that many times these attacks are not even discovered by the institution that got hacked. In the case of the great bank robbery, it was discovered by people at Kaspersky, a well-respected security software vendor. The use of adaptive security technologies is key.
The Home Depot hack was discovered by people like Brian Krebs, a security expert not employed by Home Depot. He noticed a huge number of credit card numbers being auctioned off on the black market on the dark web. These are the types of indicators that there is a highly reactive security regime in place. And these examples are the rule, not the exception.
Better To Be Predictive
Today there are cognitive adaptive security technologies out there that use advanced systems to predict and anticipate what is going on with your security. These new technologies look for the extra clues hidden inside your traffic patterns and your customer and employee behavior patterns, using machine learning and cognitive intelligence to project these patterns out into the future or to evaluate them in an instantaneous fashion.
This translates into another technical term, threat intelligence, which is a fancy way of saying these platforms can give you, the executives within your company, the information you can use to make decisions about cyber security at the policy level. Essentially, what these cognitive security technologies do is mine a very valuable resource which your company has a lot of: your data. From this data, they discover variances, patterns, and probabilities, and then put them into usable reporting that you can use to make informed decisions.
As these cognitive adaptive security technologies grow and integrate with each other, it will become more and more difficult for the bad guys to create attacks against your company. Attacks will become more complex, and the attackers will have to jump through more hoops to get into your systems. When this happens, it costs them more money. And when that happens, the bad guys will start to be deterred. It’s a brave new world out there.