Finding a Cure for Cybercrime
In many ways, the menace of cybercrime can be likened to the prevalence of the Black Death in 1346: practically everyone’s heard of it; most people know someone who’s been afflicted by it; yet no one knows how to eliminate it. The fear, uncertainty and doubt that such an existential threat propagates across society lead to the equivalent of snake oil salesmen offering miracle cures.
In the modern business environment, how can executives ensure their security investments are truly beneficial to their organisation’s cyber security when they’re confronted by an abundance of security technologies and services that still don’t seem to address the fundamental problem?
Most enterprises already have a security budget, used to fund the people, processes and technology that defend their assets. However, the rapidly evolving threat environment introduces a never-ending stream of new products and technologies into the market to address this issue. This puts additional pressure on executives, implying they need to invest more money in new technologies – otherwise they’ll not be protected from the latest form of cyberattack. The cyber security industry has become confusing for executives, making it increasingly difficult to build a cogent business case for further investment.
What’s interesting to me is that many businesses already have the tools and technologies to detect even the most insidious of cyber threats. They don’t need to re-architect their infrastructure or buy the latest iteration of security controls, since the majority of threats are fundamentally the same. In fact, buying more equipment can actually introduce further complexity and noise, with more systems for internal teams to manage, as well as another attack surface for the hackers to target. It’s time to take stock and get the most out of current investments before buying any more snake oil.
Understanding behaviour is the key. You need to know where your assets are, what value those assets have, how information or services are accessed, what normal behaviour looks like and what’s permitted by your organisation’s policy. To garner enough security intelligence to know what’s happening and react to it in time, focus on building an intelligence capability that combines the answers to all these questions and allows you to make sense of what you see.
By connecting the intelligence feeds from each of the systems and sensors installed in your environment, it’s possible to render a real-time cyber security heat map that allows you to detect and respond to cyber threats before they can take hold.
The exciting part is this: organisations already have the technology they need to detect cyberattacks – what’s missing is a means to ingest that information and build a noise-free picture of their cyber security environment.
Getting into the Groove
Practically everything we do in life centres around a few simple routines, influenced by what’s important to individuals, their families, hobbies and work. In my case, it’s all about family, work and music. Life itself takes on a natural rhythm – one that makes us feel safe and provides a familiar and natural groove.
The point is that becoming familiar with the natural rhythms and grooves within our businesses makes it easier to detect the bum notes: the things that upset the harmony, throw off the beat or strike discord with the song.
This analogy also applies to detecting cyberattacks. Removing the noise that might be masking your organisation’s tune of normal behaviour allows you to hear the normal groove, rhythm and song of what a threat-free environment sounds like. Once you remove the noise and hear the tune, it’s much easier to detect the anomalies – giving you peace of mind that, while everything sounds okay, the show goes on.
Hearing the security tune is not something you can do in isolation. Interestingly, cyber security is also not a solo act: you’re relying on an entire orchestra of people, processes and technologies, along with the right partnerships to harmonise with your song.
The musicians can be local support teams, industry partners and service providers; each of whom focuses on the individual needs of their section of the music. Every new member of your orchestra needs to get into the groove, rather than playing what they want to play – i.e. people and products need to integrate into your environment in such a way as to add value to the security story, not just to provide a ‘tick in the box’.
Furthermore, communication between members of your orchestra is imperative to its success, which is why a conductor is vital to keep everyone in sync.
If we ever want to be successful in defeating cybercrime, we need to build security systems that work together to achieve a common goal. Buying product after product based on point solutions from vendors will only introduce disharmony and complexity that your environment doesn’t need.
Take time to look at what you do have today and find a partner that you can trust to conduct your orchestra. It is incumbent on Service Providers like Kinetic IT to equip businesses with the right information to allow them to see through the noise.
A trusted partner in security should be able to recommend a plan to address the challenges you face today. Executives should expect thought leadership from their Service Providers and challenge them to align their solutions to the business strategy – not the other way around.