I’ve spent more than half of my 23-year IT career in security. In seeing shifts from standalone viruses to networked worms to state-sponsored attackers and ransomware, I’ve heard folks say periodically that we’re failing as an industry. “Look at all the breaches,” they say, “we’re obviously having no impact, we need to rethink everything we’re doing.”
To which I say, frankly, that view is nuts. Totally bonkers.
Effective prevention, detection and response is the goal of information security
Of course, the number of breaches we see, the volume of lost records, and the degree to which certain threat actors can act with impunity inside certain networks, is always alarming. The practitioners I know don’t see that as a hopeless situation, but instead as an opportunity to which they will rise. The fact is, we’ve had a clear positive impact. I know that, because no threat actor can do whatever they want on any network they want. Attacks are stopped every day. Breaches are detected, cleaned up, and improvements are made every week.
Think of it like law enforcement: The goal of law enforcement isn’t to stop crime, because you’ll never stop all crime. It’s not possible. It’s not even a reasonable goal that any police officer aims for. The goal is to minimize crime and allow law enforcement to protect as much as they can.
The information security industry has a similar goal: It’s not possible to guarantee an organization won’t suffer a breach. However, organizations can commit to doing their best to stop opportunistic attacks. When a breach does occur, the organization can commit to a complete and effective response.
Use October to re-commit your organization to cybersecurity awareness
I’ve been reminded recently, though, where our most challenging work will continue to reside, and that is in improving the cybersecurity awareness of the non-technical folks in our midst.
Fraud, business email compromise, and e-mail account compromise are still plaguing many organizations. The Internet Crime Complaint Center noted recently that in the last three years we’ve seen over $26 billion dollars lost to these attacks. Technical controls can help, but the most important step we can take is educating individuals about the types of attacks that they can expect to see and how to report them.
Our partners Proofpoint and Cofense have some great resources available to help address this threat. I know we can continue to make our organizations more secure as we work together, equipping our customers with the tools and practices to protect themselves and their assets.
Happy October, and Happy Cybersecurity Awareness Month!
Related Articles
Understanding the “attacker mindset” in security
