Written by John Bentley, Director, Middle East, Africa and India at AccessData
Three of the most ridiculous myths about cybersecurity:
1) You can 100% keep the bad guys from getting in
The truth is, if the bad guys want in bad enough they will find a way in. Advanced attackers and the APT are savvy, sophisticated, well-educated, and often well-funded. While I don’t believe you can stop the bad guys from getting in 100% of the time, I do believe you can be proactive about it. Anticipate it, prepare for it, and in doing so put yourself in a position of power. And while you can’t guarantee the bad guys won’t get in, you can feel confident about being able to mitigate the impact to your organization.
2) That you don’t have anything worth taking
First, if that’s your answer, your organization needs better self-esteem. Advanced attackers and the APT don’t just go after military secrets and big ticket items like KFC’s secret recipe. If your company has customer data, credit card information, makes the little widget that’s part of a satellite, has information on M&A or negotiations – it’s worth having and someone will want it. Identify what these gems are for your organization and put a plan in place to protect them.
3) That it won’t happen to your organization
First, read myths #1 and #2. Second, reset your expectations. You WILL at some juncture be compromised – in fact, you probably already are. The chances of it happening are the same as you getting a tan if you went to a Dubai beach in summer – it’s inevitable. Expect it, plan for it and make sure that you’re in a position to identify the threat and respond to it immediately. In other words, have your mop and bucket handy, it’s going to get wet.
It’s a scary world out there, but you’ve got great resources on your side. Take advantage of them. Make sure what you put into place gives you the visibility, context and automation you need to resolve any security incident that comes your way.