One of the topics that is top of mind of quite a few folks at Gartner IT Expo this year is security. Several of the CIOs I have spoken with have said that addressing Cybercrime is one of their top concerns. We all know that Cybercrime is bad. Really, really, bad. If you’re not taking basic precautions such as using a firewall, running current anti-virus software and using strong passwords right now, stop reading this and take action. What actions? Check this out.
OK, so let’s assume that your password isn’t “123456″ (you did read the first paragraph, right?). So let’s get down to business.
Most organizations are working to protect themselves from Cybercrime. In one of my last blog posts, I explained that for most of us it’s like preparing defensible space around our PCs and data centers. The goal is to establish an area, a moat so to speak, that the bad guys can’t cross and invade our PCs. This “moat” often is created with a firewall that lets in some types of traffic and blocks other types. Many people think that in order to reduce cyber risks we need to build deeper and wider moats.
The problem is that the bad guys are smart. They don’t attack the moat. They know that you have to have bridges across the moat in order for your information to get out. So the bad guys attack those bridges.
What are those bridges? They are your applications, like your email client and your web browser.
At Level 3, we watch cyber attacks happen every day. At any particular point in time we are tracking about 3000 different command and control centers in operation, and guess what? Most of them are attacking web browsers. Check out our latest report on the sources of cyber attacks. Think you’re protected? How many times have you ignored a software update notice?
A better way to think about protecting yourself from cyber threats is to use an old trick I learned from my military training: build “interlocking fields of fire”. This concept involves multiple layers of protections. In the case of cyber security, it means using a firewall but understanding that you also need to keep your applications patched and your network devices updated. You have to protect the entire cyber security ecosystem, from the earth to the Cloud.
You still need a defensible space, but you also need multiple layers of protection to defend it. These defenses require us to build moats, but we also need to have some boiling oil handy when the hoards storm the gate.
Get your copy of the Frost & Sullivan security services white paper, Don’t Leave Your Organization Exposed.