Cybercrime is a constantly evolving beast. And as cyber criminal’s methods change, cybersecurity tactics must evolve in tandem.
The theme of Infosecurity Europe this year is “Intelligent Security: Protect. Detect. Respond. Recover.” The inclusion of “respond” and “recover” goes to show how the focus of the security industry has shifted over the years.
For decades, prevention and detection were the be-all and end-all of cyber security. The philosophy was that if you build your walls high enough, and keep your eyes open, the bad guys couldn’t get in. Today, it is abundantly clear that prevention and detection are no longer enough. No matter how sophisticated the defences are, cyber criminals are skilled, determined, and well-funded – and will ultimately be able break into any network.
With organisations waking up to the fact that breaches are inevitable, the focus of the security industry is rightly shifting to how organisations can develop Cyber Resilience – learning to respond to, mitigate, and move on from attacks as quickly and completely as possible. At Infosecurity Europe this year, I am most excited to hear how security professionals and organisations are approaching incident response to this end.
My strategy talk at Infosecurity Europe will look back at the history of cyber security over the last 25 years to see how we got to where we are today. There are lessons to be learnt from the past. By looking at how threats and security strategies have developed, we can glean insight into what we can expect in the future, as well as how businesses can develop resilience to tomorrow’s attacks.
The talk will look at:
Defining Moments in the History of Cybercrime and Cyber Security
From worms and viruses to data breaches, the methods deployed by cyber criminals have changed significantly over the past 25 years – becoming increasingly complex, sophisticated, and tenacious.
But the methods of the “good guys” have also changed. The rise of viruses brought cyber security’s first counter-punch: preventative technologies like firewalls. Bigger, more targeted attacks like the TJX data breach spurred the rise of detection solutions. Compliance and insider threat became a priority.
Today, in the wake of massive breaches like Sony and Target – and their subsequent fallout – the industry is pivoting again, realising Incident Response is a critical need.
Strategies for Improving Incident Response
The lessons from Sony and Target were clear: How your company handles a security incident has an enormous impact on the overall damage, legal ramifications, and in terms of public perception. Taking steps to improve response as earlier as possible can make all the difference.
It is vital that organisations have comprehensive plans in place for incident response. By focusing on responding faster, more effectively, and more efficiently, businesses can ensure data breaches are survivable. Just as businesses have learned to live with fire, accidents, and theft for centuries, companies today can learn to mitigate and move on from cyberattacks – and even thrive in the face of them.
Incident Response in the Future – and Achieving Cyber Resilience
By aligning their prevention, detection, and response strategies and functions, organisations can ensure that they can manage today’s cyber threats, even as they continue to evolve. Because instead of looking at emerging attacks methods and new products, they build fundamentally sound, comprehensive security processes that lowers overall risk and enhances their ability to bounce back.
In the end, that’s what Cyber Resilience is – the ability to manage an attack quickly and gracefully, before it causes catastrophic damage, and return to normal business operations with minimal disruption.
Paul Ayers, General Manager of EMEA for Resilient Systems, 04 June 2015, 10:00-10.25 Strategy Talks
Not registered for Infosecurity Europe 2015 yet?