The Fireball makes you Wanna Cry

Another week, another global outbreak. Yet you still don’t think you need real visibility? Really?

Are we really naïve enough to think that we are immune to being hit by these global threats?

Do we really think that everything is ok, even though millions around the world have been hit?

We really have become a special kind of stupid... Harsh? Maybe, but I hope this gets you to listen.

I speak to people everyday who are overwhelmed by the growing threat landscape. They hear of these threats and see the dangers and have felt the pain of a cyber-attack in the last few weeks or months – yet nothing has changed in the environment. You then think that you won’t be attacked again?

More discussions leads to more discussion. More talk about what needs to be done leads to nothing actually being done.

Updating a policy as a knee jerk reaction is one thing, but not doing anything to monitor what is really happening renders your policy worth only the piece of paper it is written on.

If you really do take information security and compliance seriously, why do you not know what information was accessed by which user yesterday? How can you tell your customers their data is important to you but you don’t know who has copied this to DropBox or USB in the last 12 hours?

Just because you “ticked all the boxes” of your IT audit does not help you stop a cyber breach in its tracks.

Sadly, it is often the very same people who call us in a state of panic because something has already happened. The horse has already bolted my friend. The data is gone. The servers are compromised. The data is encrypted.

It may be because you are under-resourced or perhaps you don’t want to admit that you have a problem. Statistics don’t lie, the first 6 months of the year have shown a massive growth in cyber threats – whether it is the WannaCry outbreak or the global release of Fireball – and the next 6 months will not be any different. The attackers change their route to market every day, but you think doing it the same way you always have will keep you immune.

The modern enterprise is under constant threat, you can be safe one second and infected the next. Locking things down doesn’t work, as this drives users to find more sinister methods to bypass the lockdown. Strong passwords don’t work as the average user will tell a colleague what it is. Whaling attacks, phishing attacks, compromised adverts on social media, ransomware…..

The truth is no matter how complex your environment is, how secure you believe it to be – you cannot stop breaches from happening. Your network will be breached, your systems will be compromised. They possibly already are!

The best form of defence starts with visibility, you need to know what assets are spread across the environment. You simply cannot protect what you cannot see. There must be ongoing and total monitoring to ensure security and compliance.

How do you know if a piece of malware has been installed on a user machine if you don’t know what is on there in the first place? With visibility you have capability.

When you know what is really happening across the environment – you can take steps to immediately respond to changing threats. Stop damage by responding faster.

New software and hardware vulnerabilities are discovered every day, do you know which assets are affected? If you don’t know, that is a problem.

What did the user do with that sensitive financial or customer data on their laptop last night at home? Was it moved to USB device or uploaded to a cloud share service? If you don’t know there is a problem.

Getting started is key to protecting yourself on an ongoing basis. Your network is compromised, the environment is hostile, your users have been breached – you just don’t know about it.

So stop crying, let’s get started.