A handful of high-profile data breaches have created the perception that organizations cannot adequately protect themselves against today’s sophisticated attacks. This perception simply isn’t reality. There are many reasons why successful attacks garner more widespread attention than ever before. And, there are steps any organization can take immediately to ensure they are evolving as the cyber attackers become increasingly sophisticated and insidious.
What’s driving this misperception? Laws and regulations require more companies to go public when security incidents occur. Service disruptions due to cyber attacks are more obvious to customers as social media efficiently spreads the details to a broad audience. Finally, an increase in hacktivism generated headlines in 2011.
Older security products cannot provide adequate protection. Vendors don’t release new versions just to generate revenue; their older technologies are less effective. Of the 3.1 billion attacks Symantec blocked in 2010, roughly half were stopped by its endpoint security software’s intrusion prevention technologies – proving that while signature-based AV plays a role in preventing threats, it’s not an exclusive role. Organizations must ensure they have deployed the latest technologies to mitigate attacks.
Additional necessary steps to ensure your organization is not leaving itself open to attack include developing and enforcing IT policies, controlling access, managing systems and focusing on information protection.
“Paranoid” is a good word to use – security pros are paid to be paranoid. Given the change in the threat landscape, the onus is on us, the security professionals, to keep evolving security postures to keep up with the bad guys. I look at the advances made to technologies that used to be thought of as “nice-to-have,” like DLP, encryption, intrusion prevention and reputation-based security. These advances are making it much harder for the bad guys to get in and get stuff out.