I’ve spent more than half of my 23-year IT career in security. In seeing shifts from standalone viruses to networked worms to state-sponsored attackers and ransomware, I’ve heard folks say periodically that we’re failing as an industry. “Look at all the breaches,” they say, “we’re obviously having no impact, we need to rethink everything we’re doing.”
To which I say, frankly, that view is nuts. Totally bonkers.
Of course, the number of breaches we see, the volume of lost records, and the degree to which certain threat actors can act with impunity inside certain networks are always alarming. The practitioners I know don’t see that as a hopeless situation, but instead as an opportunity to which they will rise. The fact is, we’ve had a clear positive impact. I know that, because no threat actor can do whatever they want on any network they want. Attacks are stopped every day. Breaches are detected and cleaned up, and improvements are made every week.
Think of it like law enforcement: The goal of law enforcement isn’t to stop crime, because you’ll never stop all crime. It’s not possible. It’s not even a reasonable goal that any police officer aims for. The goal is to minimize crime and allow law enforcement to protect as much as they can.
The information security industry has a similar goal: It’s not possible to guarantee an organization won’t suffer a breach. However, organizations can commit to doing their best to stop opportunistic attacks. When a breach does occur, the organization can commit to a complete and effective response.
I’ve been reminded recently, though, where our most challenging work will continue to reside, and that is in improving the cybersecurity awareness of the non-technical folks in our midst.
Fraud, business email compromise, and email account compromise are still plaguing many organizations.
Our partners Proofpoint and Cofense have some great resources available to help address this threat. I know we can continue to make our organizations more secure as we work together, equipping our customers with the tools and practices to protect themselves and their assets.
Happy October, and Happy Cybersecurity Awareness Month!