Thursday, February 1, 2018

The main cyber security questions of 2017 and the way to answer them

At the end of 2017 I was talking to a US-based business analytics firm, and the main question they asked was why.

- Why are security budgets not growing rapidly, after all that scare with WannaCry and NotPetya?
- Why are businesses not spending more to protect themselves? Aren't they scared now?
- Why was the impact so hard, even for customers with high-end perimeter security systems?
- Why is it happening?


Well, let's start with the easy one. Businesses are scared.

They were scared long before the 2017 malware rampage. In 2017 they suddenly realised it does not matter how scared you are. They reached the limit of fear. They have realised it does not matter how much you spend on perimeter security. It does not matter how well-known your vendor is, where it sits with Gartner, or how great its marketing campaign is. None of it matters. At the end of the day, a weak link will be found and you will be owned.

So business is doing what it does best: counting money. They have switched to a risk management mode. For what it's worth, backup tech budgets were raised, not firewall budgets. Additional insurance and legal protection fees are on the rise, not perimeter security budgets.

The second why is also simple, but not that obvious. Perimeter security solutions today are top-notch, but they are still failing the customers. You can have all the jazz: FW, IPS, Anti-Virus, sandboxing, and you will still miss something eventually. Or even better, the business will not wait for your security cycle and will deploy something completely exposed, with, god forbid, SMB services open to the Internet.

Hello, WannaCry, here is your free lunch, come and get it.

In the eternal struggle between security professionals and business, the latter always wins. Why? Think about it. It is just a matter of money. Business makes money, security spends some of it. If, from the business perspective, the cost-to-effect ratio is not getting better, additional spending is at best questionable.

Yet the major security vendors are still beating the dead horse. Every conference, every vendor event includes some scare presentation about malware on the loose, hackers' success stories and slides with names and sums of damages in big red letters.

Well, good luck with that.

At Guardicore we take an alternative route. We protect your East-West traffic, securing lateral movement in your infrastructure. We enable business and speed up DevOps actions by applying dynamic labelling as part of micro-segmentation security policies. We provide unprecedented visibility of your assets' traffic and detect intrusion attempts and anomalies in real time. On top of all that, we provide dynamic deception to lure an attacker into a honeypot to make sure his tools and tactics are registered and blocked everywhere across the ecosystem.

The new age of security is here. You do not have to be scared anymore.
