Cybersecurity Is In Meltdown, Here’s A New Idea | Data Driven Investor

Despite a decade of increasing investments in cybersecurity, never have organizations been more vulnerable. New approaches and thinking are urgently needed.

Cybersecurity is entangled in an impossible knot of productivity tied to old user habits and the failing efforts of IT security to defend against an ever more sophisticated and malicious adversary
Ryuk, Sodinokibi & Phobos are the top 3 ransomware variants (Coveware 2020). Despite years of investment in cybersecurity by organizations globally, the results have only been more breaches and costs.
The security business is looking up. Cybercrime is a thriving industry. Companies are caught in the middle paying out to both sides.

Doing the same thing and expecting different results, clearly isn’t working as a corporate cybersecurity strategy.

If you’re not a security vendor or a cybercriminal, it is time to completely reimagine how we secure the digital organization. All trends for costs borne by the company are going up and have been for a long time. More recently, things have gotten worse. According to IBM, “… organizations in the 2019 study were nearly one-third more likely to experience a breach within two years than they were in 2014.” [1] At what point do we accept that we’re going in the wrong direction with regards to securing the company? Doing the same thing and expecting different results, clearly isn’t working as a corporate cybersecurity strategy.

We need a knife to cut the knot.

Rethinking the entire topology of technology is a huge statement and an even larger undertaking. Like anything really big, identifying the low hanging fruit can be … a fruitful place to start. Once understood, a glaring and frankly surprising opportunity is a technology literally under our collective noses — on our cell phones, laptops, everywhere. It is the most ubiquitous file-sharing technology on the planet and has been since the inception of the Internet. Today it is a primary cause of data sprawl and loss. [8] It spreads corporate data with unprotected, untraceable abandon, and is a vector of choice for cybercriminals wanting to infect their targets with malicious code. [9] It is so pervasive that, like the air we breathe, it is virtually invisible. This invisible menace is email and specifically email attachments.

We don’t use 8″ floppies anymore, but we continue to use their technological peer — email attachments, a 50-year-old file-sharing technology that is still used ubiquitously despite its significant security risk and productivity loss.
A decade of data trends proves that organizations can’t win without confronting their immense security disadvantage. A few simple actions can fundamentally alter the picture. If you can’t keep the ocean of threats out with a higher wall, just move inland.

Sources

  1. Cost of a Data Breach Report 2019, IBM
  2. America Under Fire — US Gov. Solarium Cybersecurity Report Sounds The General Alarm
  3. Mandiant Security Effectiveness Report
  4. Gartner Forecasts Worldwide Information Security Spending to Exceed $124 Billion in 2019
  5. Ransomware as a service (RaaS): What is it and How Does It Work?
  6. Ransomware Payments Up 33% As Maze and Sodinokibi Proliferate in Q1 2020, Coveware
  7. Mitigating Business Risk and Driving Business Value with Behavior-Based AI Security, IDC
  8. Our Dangerous Reliance on Email Attachments And What To Do About It
  9. 2020 Data Breach Investigations Report, Verizon
  10. The Futility (And Hope) Of Cybersecurity In Today’s Organizations | Data Driven Investor
  11. Containing Data Sprawl In The Work-At-Home Era of COVID-19 And Beyond
  12. A Critical Defensive Layer Missing From Most Security Strategies

CEO MxHero Inc.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store