Thank You Sir, May I Have Another

“The definition of insanity is doing the same thing over and over and expecting different results.” – Albert Einstein

Is it possible that there are companies that deserve to experience a security incident?

Some may call this unproductive thinking, but it seems that some businesses are exposing themselves to repeat attack due to how incidents are being handled. Here are some examples of recent and common behaviors that are putting businesses at undue risk:

  1. Victims of cybercrime are not reporting their incidents. This lack of reporting may on the surface appear to protect the victimized organization, but that notion is short-sighted. By keeping the details of the attack and attackers private, we cannot learn from the event. This lack of detailed information about events makes it much harder to prevent, detect and correct them when they occur again. Our inability or unwillingness to share information becomes a critical weakness when fighting cybercrime – this is especially common among small businesses. Knowledge is power.
  2. Victims of cybercrime are settling out of court. Believing that they’re saving their reputations and wallets, victimized organizations avoid prosecution of attackers or malicious employees. Without prosecution, bad people never become criminals, and they simply move on to their next victim. Background checks against bad people are useless unless they have a criminal record, and criminal records don’t exist without prosecution. The same bad employee could end up working for the victimized company again and again if they were determined and understood how easy identity theft was.
  3. Victims of cybercrime aren’t collecting or using event evidence to strengthen their security programs. Actionable intelligence is the equivalent of the sights on a handgun; without them, your chances of hitting your target become much, much lower. Security devices – firewalls, intrusion prevention, monitoring, anti-malware – record mountains of activity data during a security incident. Leveraging this information can help ensure that you’re less vulnerable to the same attack again.

As human beings we are programmed for self-preservation; these reflexes have helped us survive for millennia. However, it is these same survival reflexes that cause us to trade long-term pain for short-term gain. It takes considerably more thought and patience to factor the complex network of cause-and-effect relationships into our security decisions, but the juice can be worth the squeeze.

And as a bonus, Einstein wouldn’t have you committed.


About regharnish

CEO of GreyCastle Security
