No one wants an attacker or malware in their systems. That’s why the information security community spends so much time and effort on prevention. We try our best to implement defenses that stop today’s threats, while imagining new safeguards to catch future ones.
The problem is, complete prevention is simply an infeasible goal. We’re all human. No matter their competence, engineers will occasionally make mistakes that expose new vulnerabilities. Furthermore, even if we had that unattainable “perfect security system,” users would still mess up and introduce new threats. Meanwhile, crafty hackers continue to find new holes to exploit. No matter how great your defense, it’ll never be perfect.
That’s why visibility should play an important role in your information security strategy. Since you can’t stop every attack, you need to have mechanisms that help you detect them. That way, you may be able to respond before it’s too late.
Recently at Gartner’s ITxpo Symposium, I gave a presentation called Visibility: The Missing Layer of InformationSecurity. In this talk, I share how data breaches have increased, while at the same time, it takes us to longer to identify them. I also share a detailed timeline covering four major breaches from the headlines, and illustrate how long the attackers were in these organizations before the breach was even discovered. Next, I show how visibility tools can help you discover breaches more quickly, perhaps even allowing you to mitigate them before the attackers make off with your data. Finally, I offer six things we can learn from these breaches.
If any of this sounds interesting to you, Garter has made my presentation available on-demand. Click here to learn how visibility tools, such as WatchGuard Dimension, can plug the missing gap in your information security program. — Corey Nachreiner, CISSP (@SecAdept)