We are living in a time when danger has become a constant in our lives.
At least as far as the cyber world is concerned.
But we are still doing the same thing we did years ago to protect ourselves: buying and buying tools. So much so that we have become fanatics, and every time an attack has the necessary publicity, the wallets of the organizations open up and ask us about the new toy we «need» to protect ourselves from that particular attack.
And then we keep repeating the same behavior that we had more than 40 years ago, in which, with the birth and rise of personal computer viruses, the more antivirus we had installed, the more secure we felt. The tools changed, but the behavior did not.
Next year, attacks are expected to continue to increase and according to some specialized publications, ransomware and phishing will maintain their reign.
So what do we do?
- On the one hand, the first one has become so sophisticated that it is almost impossible to detect it until the attack is obvious, and at that moment the attack is already being modified so that in practice the next one will be a completely different and new malware. In practice we will be living a permanent zero-day attack.
From my point of view, it is necessary to decide to generate a human team dedicated to security intelligence so that together with tools for analyzing behavior in networks (internal and external) it is possible to constantly patrol and analyze the ecosystem of the network and the cloud, in search of anomalous or suspicious situations. For this purpose, these tools must use artificial intelligence, which together with human intelligence will be the key to success.
- The second is the simplest to be used by attackers, since it is a technique that has been used even before the birth of this technological era, and the victim is precisely the human component, for which it is not yet possible to buy a tool that prevents him from falling into the tricks used by cybercriminals.
All that remains is to deepen in campaigns that allow each one to have the greatest number of criteria so that the protection is exercised by each one, according to the culture of cybersecurity that is available. We must try by all means that this culture permeates deeply within our being, in the same way that in the physical world we are taught from childhood not to open to strangers or to look at both sides of the street before crossing. That is how basic our level is in this aspect.
The rest: New tools, Penetration tests, Vulnerability analysis, etc. They must continue to be done. It is part of permanent cyberhygiene, and nothing of the above rules them out. However, the latter are more oriented to security tactics, and what we have failed in is strategy. We don’t have one. Without strategy we are condemned to always go after the bad guys, the key to make the leap is to push it without doubts or fears. I firmly believe that no doubt when we generate strategies in which to support and generate the right tactics, we will begin to turn the trends.
However, for the time being I hope that in this coming year, we will begin this path and stop thinking that the more toys you have, the safer we will be.
I have nice memories from my early years, having a truly funny time seeing the superheroes cartoons.
The same thing happens with the Justice League: ability, superforce, prowess, intelligence, communication capabilities, was a kit that ensure the success of any mission. More over, when one of them stay alone, generally the problems begun.
Just think that the AI tools we build should not compete with each other, but rather create niches of individual advantages that can be integrated into the new Super Friends.
Being CIO 
Comentarios recientes