You should be looking at your defense as well as offense. Cybersecurity is not a one trick pony. It is an integrated and full discipline. You do not need to know all of these concepts personally but you do need to know that your bases are covered. I remember going into a client one time and there were very strong perimeter security defenses set up. Meaning they had good firewalls up to date and fully functional. They had good anti-spam defense to make sure they were not bringing anything bad into their email. They even had strong encryption on their endpoints. Meaning that they had all data going out of a corporate computer was scrambled before it was sent out their network.
But they were still having problems. The problems were mysterious and persistent. These problems had been going on for a long time, with no understanding of what it could be. They were mystified. They had good people that were on the job and kept things up to date they were dedicated and knowledgeable.
You Have To Get Points On The Board
In football, you can have the best defense in the NFL, and if you can’t get points on the board you will not win football games. All the other team has to do is score a simple field goal and they will win the game. And a team with only a good defense will always lose. It’s the same in cybersecurity, you need to be aggressively moving toward something as well as defending from something. This is the only way to have a balanced strategy.
Without this balanced strategy, your chances of staying secure are slim. It is the same as my writing on a layered approach. I have talked about your protection will come in layers. Not relying on one simple solution to protect you from everything.
What Are Your Layers?
So what did we do? Well, it did not take long to find out that there was something else going on. They were suffering from what we call an advanced persistent threat. And it’s just like the name says. The attack came in many different ways when one way did not work it used another. And only a good offensive strategy was going to detect these types of attacks.
Unfortunately, these are the types of attacks we are going to see more of in the future. So it makes sense to start investing in offensive technologies as well as defensive technologies now to make your company ready. I talked about this here. You need to be looking at cognitive adaptive security technologies. These technologies along with the defense as well as an offense will greatly improve your ability to protect your company. These technologies are actively looking for new threats and learning the network, so they can head off the next bad actor.
It is the same with your strategy your IT folks need to be actively using their tools to go out there and look for the next threat. Many companies wait for the next attack and then respond. This takes too long and too much data can be lost before it is detected. It is better to have a strategy of heading these attacks off proactively.