Modern attackers use a variety of tools and techniques to overcome defences, steal data, execute ransomware attacks and cause damage and disruption to their targets. And while defenders continue to use many different tactics and tools to block malicious activity, the number and impact of successful cyberattacks continue to grow.
So, given the resources targeted at thwarting cybercrime, why is this problem still not solved?
Dave Shephard, the Vice President for Asia Pacific and Japan at Illumio, says our prevention-first approach needs to change.
“We're in an era where people accept that perfect prevention isn't possible. Whilst prevention controls have done a lot for us, compromise is inevitable, and detection often lags. Attackers can move freely in a network before they’re identified. Breach containment and lateral movement are the problems we're trying to solve.”
Reports suggest at least a quarter of cyber-attacks rely on lateral movement. That means coming at the problem with a new mindset. Shephard says you need to think about how to make your business resilient from the inside out, not just from the outside in.
“A zero trust or assume breach mindset are the right mindset for a modern security professional. If you’re prepared to think differently, then you’re prepared to act differently. The technologies and the tools of yesterday aren't going to save you from the threats of today and tomorrow,” he says.
Transitioning from an endpoint prevention strategy to a zero trust or assume breach mindset can seem challenging. But Shephard says the key is to start with an assessment that establishes not just which systems connect with each other, but which systems can connect with each other.
“Understanding how communication could occur will help you to frame the blast radius and understand or calculate the impact of a breach,” he adds.
Shephard says this will enable the organisation to identify some quick wins that deliver instant reductions in risk levels. The key, he says, is to get started and not wait for a perfect plan.
“Don't let perfect be the enemy of good. Get started, be prepared to iterate and use your partners to help you along the way”, says Shephard.
Access the full iTnews State of Security report: Here