The Hacker Advantage
Do you know how hackers learn how to hack, how to perfect their skills, or how to look for vulnerabilities on your network? Pretty much in the same way your security professionals learn. In fact, there is likely nothing your security professionals have learned that is not in the hacker’s toolbox. Hackers definitely have the advantage in this game because, statistically speaking, your security team has to be accurate 100% of the time to keep nefarious actors at bay. Your team must patch every system as soon as patches become available, block every bad packet, close every potential hole, and shore up every single weakness. Hackers, on the other hand, only have to be accurate one time to score a big win. Unfortunately, it’s unfeasible and almost impossible for your team to maintain the level of accuracy and efficiency needed to keep your shields perfectly in place 100% of the time. And since hackers already know what your team knows, you are immediately placed behind the power curve. So, the thing you need to think about is this: how do you change the model to make security more effective without having instantaneous modifications every time a new vulnerability hits the street? Because here’s the reality; no team eliminates vulnerabilities instantaneously. There is always a gap of time between when a vulnerability is announced and when the fix is put into place. One advantage we have is that hackers have to be very diligent in locating a potential target, which can take some time, and that gives us a little leeway to figure out our path forward. But that still doesn’t answer the question. How do you change the model to make security more effective without having instantaneous modifications every time a new vulnerability hits the street? We have a tendency (and this is a bad one) in the security world to follow the book answer when it comes to maintain secure systems. We have a standard set of devices we put into place, some standard monitoring software, and some standard user policies—all of which hackers are very familiar with and capable of bypassing. What I have discovered is that we have to look at the risks from a completely different perspective. We can’t just level the playing field, we need to have the upper hand, and more effectively keep the nefarious actors from having any opportunity to break in, steal data, or cause disruptions. OK, here’s the best part. It isn’t that difficult. But it does require some drastic departures from what has become standard thinking.