Building A Bigger Wall Will Lead to a Crumbling Cybersecurity Strategy
By David Shefter
Companies that sit back and develop a security posture based solely on prevention will put their business performance and brand reputation at considerable risk. Companies that take a more aggressive – even maverick – approach to risk and cybersecurity will win.
Business leaders will be faced with this extreme dichotomy more and more over the next five years.
Information security leaders such as CISOs and CIOs will increasingly face pressure tied to their individual and company reputation and financial performance when it comes to defining a risk and security posture. As we recall, Target lost nearly $8 billion in market value over three months due to a massive data breach. It forced Target to aggressively change its approach to cybersecurity while restoring faith and trust in the company from consumers and the business community, ultimately stabilizing its market and shareholder valuation.
Wells Fargo, Capital One and others must do the same ahead of the curve, while showing a level of transparency – as I believe that “Transparency is the Basis for Trust.”
If you’re a startup trying to win at the platform game, you need a special differentiator like relayr, Uptake, and C3.ai – or you’re going to bite the dust.
Cyberattacks are now an expected part of our day-to-day, mainly because the cost to launch an attack has decreased from as much as $100k 10-15 years ago (for equipment, Internet access, personnel, etc.) to as little as $500 now (laptop, Internet access, a few dollars for dark web malware, etc.).
And because of this low barrier to entry, “building a bigger wall” is no longer sufficient for companies.
Organizations need to implement proactive, offensive cyber techniques focused on uncovering threats both on and off their networks – within and beyond the perimeter. There are several approaches to offensive cyber defense, including advanced threat hunting and AI-based resilience, plus widening the aperture on finding and tracking threat actors as they communicate with one another to plan attacks.
The average dwell time on your network for an “adversary” is estimated at 170-220 days prior to your organization discovering it. These adversaries can reside directly on your network and devices such as laptops and desktops, and they typically defeat “rule-based” defenses through malware that is polymorphic, obfuscated, dynamic, “transparently hidden” right in front of you, and placed via an easy entry point.
To evolve faster than the attackers, we need to implement offense-oriented tools (leveraged by well-trained analysts) that can process enormous amounts of data at machine speed, either through advanced cognitive engines and significant hardware or through natively scalable cloud-based automation from new and emerging technology companies. This will provide significant added value to supplement traditional defense-oriented teams and skills, since no one should know your environment better than you do – which requires constant validation, hunting, and attacking.
Be safe out there.