Are You Focusing on the Wrong Threats?

wrong threatsYou’ve probably been breached already.

No kidding.

So, instead of focusing on the wrong threats, you should “assume breach” and begin to collect the data you’ll need to help you prevent further attacks.

In other words, assume that your average security controls are inadequate to stop a breach and concentrate on limiting the damage a hacker can do once (s)he is inside your network.

For too long, network security has focused on protecting the perimeter. This is certainly vital, but focusing only on this has left our systems more vulnerable to attack.

Where do Most Cyber Threats Come From?

Research suggests that 99 percent of the most successful attacks occur because of unpatched software and social engineering, but we’re simply not aligning our resources to focus on these things because of the never-ending onslaught of new security threats we’re challenged with facing.

To combat this thinking, you need data. And a data-driven security plan helps focus your attention on where your network is the most vulnerable.

  • Collect better threat intelligence,
  • Rank risks based on that intelligence,
  • Use logging and monitoring to collect metrics; and,
  • Create policies and procedures based on these rankings and metrics

“Assuming breach” isn’t admitting defeat, it’s simply learning from experience to build a better defense.

While it’s good to know that your firewall is blocking malware or your scanners have found thousands of vulnerable exploits, a better metric is to find out how many malware programs your antimalware software failed to detect and for how long.

But sometimes even large organizations don’t have the time or tools to assess this: was it unpatched software, a phishing email or a misconfiguration?

Long-Term Cybersecurity Protection

A Strategic Security Assessment or on-going Managed Security Services can assist in answering these questions over the long-haul.

An SSA can tell you everything about your security environment and what your company is doing (or not doing) to safeguard your systems while a Managed Security Service Provider can perform logging and monitoring and gather security intelligence to help you align your resources.

“Assuming breach” isn’t admitting defeat, it’s simply learning from experience to build a better defense.

Please let us know if we can lend you our experience to secure your future.

Comments are closed.