Let’s reminisce about the good old days. Remember when simple computer viruses sparked laughter, not outrage? A college campus computer virus would enter your system, coopt your mouse cursor, and send a set of googly eyes bouncing around the screen.
I remember years ago, when my hacker friends remotely changed the ringtone belonging to a mutual acquaintance. While the individual was delivering a speech to his local Chamber of Commerce, the friends phoned him, and his phone blared “It’s raining men.” The audience had a good laugh.
Attacks like this functioned as comic relief. The only incident response plan (IR) consisted of trying to resolve the issue in the moment. It went on and on like this, a merry-go-round of fun pranks. However, a few years later, when critical data went online, things weren’t so merry.
Old Habits, Pasta, and Prevention
Over time, hackers’ motivation morphed from light-hearted disruption to that of malicious intent. While the landscape changed, the archaic detection mentality remained in place. Detection is now a particular state of mind, and old habits die hard.
Because humans are creatures of habit, I sometimes find myself arbitrarily snapping raw spaghetti in half, before putting it in the pot of boiling water. Why? Across my entire childhood, that’s exactly what my mother did. Every time that spaghetti bolognaise was on the menu, she would boil a pot of water, grab a bunch of noodles, twist and snap them in half and then put both halves in the water. Naturally, as I learned to cook by watching my mother, I mimicked her and did the same thing for a decade into adulthood, until one day…
My wife asked why I did this. “I don’t know, it’s always been done this way,” I replied. I called my mother and asked her about this habit. “That’s the way my mother always did it” she responded. I called my grandmother to find out why. She responded, “back in those days [think WWI and WW2 rationing era], we only had one pot and it was so small that the pasta didn’t fit in it, so I had to break it in half!”
Seriously! Two generations of my family, snapping raw pasta in half, because 75 years ago, my grandmother owned only one small pot!
Once a mindset has taken root, it can be the hardest obstacle to overcome. It is certainly not the technology holding us back from a prevention-first architecture, it is the mindset.
Battles Can Be Won With Less, Not More
As new hacks are revealed, new technologies are birthed. We purchase them because we are accustomed to doing so. We add a myriad of blinking lights to our networks, giving us a false sense of security.
Do we really need all these disparate technologies to win the war?
When the revolutionary war between England and the New World erupted in October 1776, the British sent 25 warships down the Hudson River, accompanied by 700 skilled sailors, 2,000 trained redcoats and a slew of mercenaries stocking enough firepower to obliterate the newly formed rebel army. The Americans had neither the time nor the resources to build an armada to fight them. Fortunately, a strategic-thinking general, Benedict Arnold, thought to trick the English into a wild goose chase. While Arnold’s team used modified fishing boats, a poor match for British firepower and manpower, a lackadaisical pursuit on the part of the British combined with fierce American persistence and superior strategic thinking, enabled the Americans to prevail.
This example illustrates that sometimes it’s not about the quantity of resources available, so much as how you put your resources to use. Are you getting the most out of your tech, your people, and your cyber security protocol?
As a cyber security strategist, I truly understand the pressure on the security team from a revenue and business growth standpoint.
Prevention is easier than you might think. The first step is to ensure that your cyber security management can oversee/manage every single one of your devices. A high number of devices translates to an increased number of ways for hackers to get in. Ensure that your staff have the bandwidth to manage all of your security platforms, across all devices. To achieve equilibrium in this regard, keep your software collection straightforward and easy to manage.
In addition, come to an agreement with the executive team regarding which technologies security teams absolutely must have to be agile and successful, and which are not mission-critical. With fewer devices to manage, your team will see more throughput from the devices that you do have. This will enhance the longevity of your hardware, cost you less, and enable you to reap other strategic business benefits.
To further advance your prevention strategy, retrain your team to maximize the benefits of your cyber security technologies. Facilitate a meeting with your IPS manufacturer. Set rules and allowances specific to department needs. Capitalize on your sandboxing technology so that these departments can work while inspecting unknown traffic safely outside your network.
Implementing a foundational prevention strategy is easier than it may appear at the outset. Get out of the old mindset, and into the new.
Written by: Edwin Doyle. Global Security Strategist. Edwin Doyle works as the Global Security Strategist for Check Point Software Technologies, traveling the world talking to like minded cyber security professionals on how to improve the industry and make the world a safer place.