It seems like every other day, there’s a new massive security breach announced; some major company dropped the ball, and has compromised millions of consumer records, including passwords or sensitive financial information. Equifax is the latest and most visible example of these breaches, but a Yahoo breach from years ago is still unfolding with new information, and the Target breach ended up costing hundreds of millions of dollars. Breaches are huge, damaging, and costly.
So how is it that these major national corporations, with decades of experience and billions of dollars of buying power, can let these breaches happen? And more importantly, what can we do, both inside and outside of these companies, to prevent them in the future?
A New Way to Visualize Security
New cybersecurity technology evolves as quickly as the hackers trying to exploit it. Accordingly, we now have access to top-of-the-line cloud security platforms, sophisticated firewalls, and best practices that should hypothetically keep us safe. Is there some flaw with these technologies that keeps us vulnerable to massive breaches?
Not necessarily. You see, we tend to think about cybersecurity as existing as a wall—and terms like “firewall” don’t help matters. The wall is designed to keep all the bad things (like prying eyes and outside influences) out, letting only the good things in. Breaches are usually seen as a hole in the wall, whether it previously existed or was created by someone trying to break in.
It’s easy to conceptualize security this way, but it’s flawed on a few different levels. Most importantly, it fails to recognize the fact that the “walls” we build are only part of the equation. A firewall may be perfectly sound, but if it isn’t configured properly, it can easily be bypassed. If a member of your team falls for a phishing scam and leaks your password, it doesn’t matter how strong the firewall is.
Instead, it’s better to think of security as a long chain. Each security control you have in place is another link in that chain. For example, your firewall might be the last link, but it shares the chain with your Wi-Fi network, the employee currently using the internet, the database you use to store customer information, and even your customers themselves. In bigger systems, there might be dozens of links in the chain.
Conceptually, this serves us because a single broken link in the chain—no matter where it is or how it came about—is enough to make the chain useless for defense.
Why the Chain Approach Matters
The chain approach is effective as a tool for conceptualizing and improving our security standards because:
It prevents us from building bigger walls. When you have a line of defense protecting your data and your customers’ information, it’s tempting to keep investing in that wall. But as we’ve seen, those continued investments have diminishing returns; even with a multimillion dollar security budget, hackers will find ways around, under, or over that wall. Ultimately, the wall is one link in the chain, so any single strategy should receive only a proportionate share of your budget.
It forces us to strengthen every link. Thinking about security as a chain forces you to scrutinize every link in that chain, strengthening it to prevent a possible breach. You’ll investigate your security service providers, your technology, and the people working for you, and improve all of them to create a more protected system.
It highlights the true root causes of breaches. This approach also helps you understand the real root causes of most data breaches. They aren’t typically the result of a brute-force attack meant to chip away at a wall; they’re opportunistic efforts that look for the overlooked links in the chain.
If you want your organization to be more secure, and far less vulnerable to a cyberattack or data breach, you need to start thinking about your security as a chain with multiple links, rather than a wall of impenetrable defense.
This simple change in philosophy will help you make smarter choices, and create a tighter network of defense.
Source: https://www.computer.org