Have a realistic discussion

摘要

When it comes to real-time threats, if your executives expect you to prevent all breaches, you're overdue for a talk. First, total prevention of threat infiltration is not realistic. Second, you can't catch everything. Third, security technology by itself won't do much. To address today's cyber-threats, monitoring programs must be based on the assumption that we will get hacked and always have infected systems, and the security team's role is to minimize damage by focusing on top risks. Why is a meeting of the minds with the executives important? One must have their collaboration and input to determine what kinds of cyber threats can most negatively impact the business. Are they more concerned about incurring fines, preventing losses, protecting trade secrets or protecting the brand? They may not understand the factors that contribute to the new landscape. Hackers targeting an organization use a string of techniques to establish an internal base from which to launch data theft or fraud. Botnets and other forms of malware morph and proliferate quickly, and can hide in stealth mode. The variety of endpoint devices that can introduce malware to the network makes total control impossible.