Prevention is no Match for Persistence

Rethinking Cyber-Security in the Age of Relentless Attacks

Today, most IT security is based on prevention – an attempt to create countermeasures against previously identified tactics and threats. In theory, understanding how hackers attack us helps us prepare our best defenses against them.

But in practice, we can never build our virtual walls high or strong enough to serve as sufficient barricades. For starters, old tactics evolve and new tactics emerge at a rate impossible for security professionals to match. Spear phishing targets our most vulnerable employees and watering holes attract the unwary. Our best “sandbox” malware analyses can miss some of the latest suspect behaviors. It’s impossible to predict when and where the technologies we rely upon, such as Flash or Java, will suffer the exploitation of a previously undetected (a.k.a. zero-day) vulnerability.

Worse, practice makes perfect. The key part of any advanced persistent threat (APT) is the persistence; even relatively basic, “off the shelf” malware can become powerful when it is applied repeatedly across a wide attack surface. As our digital borders expand, via private and public cloud services and mobile users and devices, they become more porous, and our digital line in the sand becomes too big to defend.



For enterprises or organizations at any scale, prevention alone can never be a sufficient defense: our security professionals must be right and fast all the time, but cyber-attackers just need to be effective once, over any time period.

Our new cyber-security environment demands a new way to think about our cyber-security strategy, one that aligns our security investments with our business risks, and is less centered on ideal prevention and more focused on reality: hackers represent an ever-present threat that cannot be intercepted by preventive techniques alone.



Source: OpenDNS, Inc.
