It seems that the cyber security conversation is never-ending. Topics, ideas, insights and just about any other constructive thinking inside your organization have cyber security sprinkled into them. As they should, security teams are watching the warning networks, requesting tools to better secure data, patching and praying, as well as trying to imagine what’s next.
Unfortunately, all of the confidence scores around stopping the next cyber attack or closing the next security breach assume the next one will be of the same type or kind as prior attacks. But what if it is not? What if the next security attack is of a totally different kind? What if the prior 37 attacks and cleanups have all left little pieces of code in places you may not think of, such as router cache, and the next attack will assemble those 37 bits of code into a completely new thing? Is your organization ready for that? How do you know? If not, how do you prepare?
The Unacceptable Answer
A multitude of questions, including those above, cannot all have fully formed answers. Some are unanswerable until an attack has been mitigated, studied and understood, and new defenses created. Perhaps an acceptable answer for many of the questions is, “I do not know.” But, in the world of IT and security professionals, these words are unacceptable. The reality is that no one knows for sure what the next cyber attack will be, when it will happen or how much damage will occur. However, we can learn to prepare for and limit the scope of the next attack.
Occasionally cyber security is referred to as a marathon rather than a race, and the analogy is directionally correct in that cyber security is not a one-time thing you decide to do today. Rather, your effective cyber security practices are long-term, policy- and habit-driven actions that deliver expected outcomes against historical needs. But what if your cyber security marathon were followed by an attack pentathlon leading to a breach triathlon? Would you manage security differently?
The Best Cyber Defense
Preparing for and managing this combination of connected but different security needs requires the levels of training and practice one might find in Olympic athletes. Ongoing preparation, knowledge gathering and skills development are among the best cyber defenses available today. Training your teams to respond to the unexpected in ways that confuse or distract cyber attackers is one clear advantage you have today. Doing this requires ongoing investments in learning and understanding how the cyber threat landscape changes from day to day. This is how you prepare for the unknown.
“I do not know” can be an unpopular phrase in IT and cyber security. However, it can also be the starting point for improving your cyber self through new knowledge, new habits, and a new view of the cyber security threats yet to come. One thing you do know is that the cyber threat tomorrow will be different from the cyber threat today, and that means you must be doing something different today if you are to be ready for tomorrow.