The framework of an effective cybersecurity strategy rests on three pillars - prevention, detection and resolution - and all three are necessary. Whether internal or external, accidental or malicious, the cybersecurity threatscape is huge and growing, but successfully protecting your information, and your business, is not as difficult as you might think.
In the first of a three-part series, I’ll address how a framework consisting of these three pillars provides the basics for effective cybersecurity.
The first thing to understand is that there is no single product or service that protects all of your information assets all of the time. As quickly as cybersecurity vendors and professionals respond to the latest threat, the bad guys - i.e. malicious employees, hacktivists, cybercriminals or rogue governments - devise new threats. And let’s not forget the biggest problem, careless and untrained employees. The chances of a security incident are pretty much 100 percent, so once the perimeters are breached, detection and resolution come into play.
The good news is that most of the good cybersecurity prevention - or perimeter - solutions provide a 99.9 percent or higher detection rate for common malware. The bad news is that the bad guys only have to get it right once to compromise your security, and even a 0.1 percent failure rate can be a challenge, i.e.:
Still, prevention is the best and easiest way to protect your information assets. Prevention starts with assessing what your assets are - information, devices and people - and then putting together the plans, processes, procedures and security tools, along with training and regular reviews.
A firewall is the first line of defense, and should be bolstered with antivirus and anti-malware tools, as well as intrusion detection and data-loss prevention solutions. Other tools include email gateways and spam/content/Web filters. Newer capabilities/practices include: big data analytics; artificial intelligence/machine learning; and sharing third-party threat intelligence. And don’t forget physical security, ensuring your servers are protected and that unauthorized personnel can’t access them.
While prevention is only one-third of an effective cybersecurity strategy, it is the first line of defense, and critical to reducing the number and scope of threats you must deal with. In the next installment we’ll take a closer look at detection and its role in protecting your information assets.
At the same time the cybersecurity threatscape is getting scarier, SMBs face even greater pressures with more risks and fewer resources.
The Cloud - private, public and/or hybrid - has many benefits, but security will continue to be an ongoing challenge.