Cybersecurity — 2017 Reality Check
The cyber security community descends on San Francisco next week for the RSA Security Conference to review the latest products to address our cyber security woes. Guests will have the opportunity to review over 500 vendors from around the world and seek to differentiate between products and determine whether they will really help security. Good luck to all of us.
As we prepare, consider some truths about cyber security today:
- Costs to defend networks continue to increase.
- The costs associated with a successful attack is increasing.
- The average cost of an exploit toolkit is decreasing.
- The costs of conducting a successful attack are decreasing.
- Attacks are spreading across networks at a faster pace year over year.
- Adversaries will continue to try to subvert security and only need one way in.
Ground Hog Day all over again.
This represents a fractured market and will not change until we understand the fundamental flaw in our defensive strategy. We have seen perimeter defense, defense-in-depth, advanced firewalls, and other defensive strategies propagated but all have faltered. Each of these strategies has a common theme — a silo-based approach to security. We will falter until we break down the silos and begin to seamlessly exchange structured and unstructured incident data among operators seeking to defend networks.
At TruSTAR, we know from witnessing the real data exchange underway within the Cloud Security Alliance that adversaries are using the same tactics, techniques and procedures to strike companies. Their exchange has yielded an astonishing 60% correlation rate among their incident reporting. Their exchange is now expediting the investigation and response to cyber events and beginning to seed firewalls with indicators of comprise to block oncoming attacks. CSA will announce a working group on February 13 focused on best practices for sharing incident data. Perhaps consider joining if you are an enterprise defender tired of playing Whack-a-Mole.
You will find only one vendor at RSA which is natively built for incident exchange from the ground up, and that’s TruSTAR. We manage for market and privacy risk while providing real return to operators.
Check us out at the Oasis Booth South #2121.
