Don’t Fear the Breach
Security | Jun 12, 2017
By Michael Harris, CMO, Guidance Software
Data breaches are a fact of life.
Fueled by headline after headline – many organizations obsess over the possibility of a breach, even to the detriment of their overall security profile.
Businesses would be wiser to flip that thinking on its head – Don’t fear the breach!
(The author, speaking at Enfuse 2017 in Las Vegas)
Accept that breaches are an unpleasant fact-of-life and act appropriately. In other words, don’t be so focused on breach prevention that your organization is rendered helpless in the aftermath when one does occur.
At Enfuse 2017 in Las Vegas last month, Guidance CEO Patrick Dennis analyzed this core issue during the opening keynote, advising organizations to overcome their inefficient worry over breaches – and even to embrace their inevitability. Businesses are in a state of continuous compromise, facing external and internal risks from increasingly sophisticated hackers, to employees that simply fail to act carefully enough.
While breaches will happen, they aren’t the end of the world. When a breach occurs, tarring and feathering the CISO should not be the first course of action. Rather, the organization’s security team should be judged on how effectively they responded to the incident. Furthermore, an organization should have a response plan in place that involves the entire organization from the c-suite, to the legal team to the PR and marketing departments. Effective response is about complete response.
On a conceptual level, this misappropriation of concern comes down to over-valuing perimeter defenses. Building higher walls and deeper moats can only get us so far. An effective response that detects the presence of malware when it has reached endpoint systems, continues to protect data within those systems, and mitigates the situation to arrive at a positive outcome – that’s the sort of mature breach response capability that organizations would do well to adopt. Unfortunately, the common obsession with preventing breaches rather than preparing for them often leaves businesses unprepared, or under-prepared to respond to incidents that penetrate beyond the initial defense.
This obsession is also driven by a powerful and damaging stigma against admitting when a breach has indeed occurred. Maybe 1% of breaches are reported. Regulatory issues, reputational pressure and stigma all contribute to this systemic underreporting. All of this plays right into hackers’ hands, by preventing information sharing between the good guys. This is why it’s so vital to recognize and counter this stigma. An open and honest take on the realities of breaches helps everyone. We should be working towards an environment defined by open information sharing, where an organization hit with a breach feels can share valuable Intel with other security teams and law enforcement to help others avoid the same fate and move toward more prosecution of cybercriminals.
The time to act is now, because the problem isn’t going to go away on its own. The universe of IoT devices will hit 20 billion (or more) by 2020, vastly increasing the attack surface that hackers will seek to exploit. At the same time, the proliferation of nation-state level malware is helping make attacks even more difficult to detect. Against this backdrop, those seeking to prevent breaches will face the prospect of defending access to every one of the myriad vulnerable devices – what we call edgepoints – a noble, but maybe impossibly challenging, prospect.
When we look at the challenge in an honest way, there is zero room left for fear. Breaches will happen, be prepared, be proactive, and be unafraid.
Michael Harris is the Chief Marketing Officer for Guidance Software responsible for all global marketing and product marketing efforts for the company and its EnCase® security, e-discovery, and forensic investigation products. Harris has led a broad range of businesses from startups to multi-billion dollar public companies. Prior to joining Guidance Software, Harris served as Vice President, Products for j2 Global, a world leader in cloud services where he set the product direction, priorities and roadmap, as well as led merger and acquisition product integrations. Harris also held CEO roles for a number of technology startups while at Idealab, as well as serving as CEO for Adapt Technologies. Before Adapt, he held senior executive leadership roles at Yahoo!’s Overture Services Division, FileNET, and Stac Software.