A rush to take on a variety of new security products can act as a distraction from preparing for a cyber breach.
Darren Thomson, chief technology officer of Symantec EMEA, explained how “shiny new objects” are a real distraction for companies. “They are using a portfolio of security tools such as defence and in-depth artificial intelligence. They have organically grown a monster and can find they have 60 security tools which are not talking to each other and are not being prioritised. It is somewhat ironic that security tools are part of the problem - we hear about skills shortages, and analyst fatigue as people can’t see the wood from the trees. It is a very real problem.”
Thomson’s view is that a move towards security platforms, as opposed to adding even more discreet tools, is at least part of the solution. His comments came at the Net Diligence Cyber Risk Summit in London, where he took part in a panel discussing breach response readiness and resiliency. Vinny Sakore of NetDiligence moderated the session, with Andrew Beckett of Kroll and Ross McKean from DLA Piper also participating.
The panelists noted that cyber attacks are similar to hurricanes, and they can’t be stopped but can be survived. Building a resilient organisation, where plans are written, tested and lessons learned are shared, is key to being able to withstand an attack.
Beckett said: “Not every storm is a hurricane. Even when the hurricane is coming if you have prepared well you can mitigate the impact, preventing most of the data exfiltration.”
Thomson added that even the largest cyber incidents often don’t look like hurricanes but manifest themselves as a slowly rising tide. “Cyber criminals can be present on a company’s network slowly damaging assets for hundreds of days before they are finally detected.”
