The Psychology of (In)Security

Similar documents
Making Windows Secure by Design

Report. Black Hat 2015: State of Security. Endpoint Risk Overshadows All Others

Endpoint Security Transformed. Isolation: A Revolutionary New Approach

Report. Bromium: Endpoint Protection Attitudes & Trends Increasing Concerns Around Securing End Users

Trends in Zero-Day Kernel Exploits and Protection 2015

Making Client-side Java Secure with Bromium vsentry

Cybersecurity: A View from the Boardroom

Protecting Your Data, Intellectual Property, and Brand from Cyber Attacks

The evolution of virtual endpoint security. Comparing vsentry with traditional endpoint virtualization security solutions

WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY.

2016 Dell Data Security Survey FULL REPORT

Enterprise Cybersecurity: Building an Effective Defense

cybereason Data Breaches Don t Blame Security Teams, Blame Lack of Context 2016 Cybereason. All rights reserved. 1

REPORT Perimeter Security Defenses. State of Perimeter Security Defenses, Time to Think Different?

Zak Khan Director, Advanced Cyber Defence

The Five Most Common Cyber-Attack Myths Debunked

Retail Security: Enabling Retail Business Innovation with Threat-Centric Security.

CYBER SECURITY, A GROWING CIO PRIORITY

Statement for the Record. Martin Casado, Senior Vice President. Networking and Security Business Unit. VMware, Inc. Before the

Securing Your Enterprise in the Cloud. IT executives must be ready to move to the cloud safely

Enterprise Cybersecurity: Building an Effective Defense

Assumption of Breach: A New Approach to Cyber Security

BOARD OF GOVERNORS MEETING JUNE 25, 2014

RETHINKING CYBER SECURITY

Data Security: Fight Insider Threats & Protect Your Sensitive Data

Bromium vsentry. Defeat the Unknown Attack

RETHINKING CYBER SECURITY

Seven Things To Consider When Evaluating Privileged Account Security Solutions

What SMBs Don t Know Can Hurt Them Perceptions vs. Reality in the New Cyber Threat Landscape

Zero Trust Requires Effective Business-Centric Application Segmentation

A New Approach to Assessing Advanced Threat Solutions

Cyber Security. Moderator: Marla J. Kreindler, Partner, Morgan, Lewis & Bockius LLP

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE

Practical Threat Intelligence. with Bromium LAVA

State Governments at Risk: The Data Breach Reality

Introduction to Runtime Application Self Protection (RASP) Making Applications Self Protecting, Self Diagnosing and Self Testing

IT S TIME TO RETHINK SECURITY MANAGEMENT A Resource for the Security Professional

The Fundamental Failures of End-Point Security. Stefan Frei Research Analyst Director

DISCLAIMER AND NOTICES

Compliance series Guide to the NIST Cybersecurity Framework

Logging In: Auditing Cybersecurity in an Unsecure World

Redefining Incident Response

NATIONAL CYBER SECURITY AWARENESS MONTH

V ISA SECURITY ALERT 13 November 2015

Breaking the Cyber Attack Lifecycle

WHITE PAPER. Attack the Attacker HOW A MANAGED SECURITY SERVICE IMPROVES EFFICIENCY AND SAVES COST

El costo oculto de las aplicaciones Vulnerables. Faustino Sanchez. WW Security Sales Enablement. IBM Canada

Carbon Black and Palo Alto Networks

1. For each of the 25 questions, multiply each question response risk value (1-5) by the number of times it was chosen by the survey takers.

DEC Next Generation Security with Endpoint Detection and Response WHITE PAPER

Accountability for a data breach

Risk-Ops at Scale: Framework Operationalization to Address Business Risk

Protecting against cyber threats and security breaches

Security Intelligence

Best Practices - Remediation of Application Vulnerabilities

A Channel Company White Paper. Online Security. Beyond Malware and Antivirus. Brought to You By:

The Impact of Cybercrime on Business

Network Security Landscape

Cybersecurity Vulnerability Management:

Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks

U.S. Department of Energy Office of Inspector General Office of Audits and Inspections

End-user Security Analytics Strengthens Protection with ArcSight

NYS LOCAL GOVERNMENT VULNERABILITY SCANNING PROJECT September 22, 2011

Meeting the Information Security Management Challenge in the Cyber-Age

Fighting the Insider Threat IT S TIME TO THINK ABOUT BEHAVIOR NOT JUST DATA

Managing cyber risks with insurance

Cisco Advanced Malware Protection for Endpoints

Cyber Security Related Excerpts from the Global Risk Forum Berlin September 25-26, 2013 Draft 10/24/13

Data Center security trends

CYBER SECURITY INFORMATION SHARING & COLLABORATION

Top 5 Global Bank Selects Resolution1 for Cyber Incident Response.

Healthcare Security: Improving Network Defenses While Serving Patients

VMware and the Need for Cyber Supply Chain Security Assurance

DON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS?

Cybersecurity. Are you prepared?

MAY 7, 2015 AND THEN THE ACCOUNTANTS SHOWED UP HOW THE INSURANCE INDUSTRY WILL DRIVE CYBER SECURITY. CHIP BLOCK EVOLVER, INC Reston, VA

THE BLIND SPOT IN THREAT INTELLIGENCE THE BLIND SPOT IN THREAT INTELLIGENCE

Taking a Proactive Approach to Patch Management. B e s t P r a c t i c e s G u i d e

ADDING NETWORK INTELLIGENCE TO VULNERABILITY MANAGEMENT

McAfee Server Security

WHITE PAPER THE TOP 5 MYTHS OF DATA BREACHES

Table of Contents. Application Vulnerability Trends Report Introduction. 99% of Tested Applications Have Vulnerabilities

Top 10 Anti-fraud Tips: The Cybersecurity Breach Aftermath

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS

October 24, Mitigating Legal and Business Risks of Cyber Breaches

Building a Business Case:

By John Pirc. THREAT DETECTION HAS moved beyond signature-based firewalls EDITOR S DESK SECURITY 7 AWARD WINNERS ENHANCED THREAT DETECTION

Cybersecurity Imperatives: Reinvent Your Network Security With Palo Alto Networks

HEALTH CARE AND CYBER SECURITY:

FACT SHEET: Ransomware and HIPAA

YOUR DATA UNDER SIEGE: GUARD THE GAPS WITH PATCH MANAGEMENT. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next

White Paper. Advantage FireEye. Debunking the Myth of Sandbox Security

Executive Summary 3. Snowden and Retail Breaches Influencing Security Strategies 3. Attackers are on the Inside Protect Your Privileges 3

VOLUME 3. State of Software Security Report. The Intractable Problem of Insecure Software

Moderator: Benjamin McGee, CISSP Cyber Security Lead SAIC

Security Solution Architecture for VDI

WHITE PAPER Cloud-Based, Automated Breach Detection. The Seculert Platform

Eliminating Cybersecurity Blind Spots

The Cybersecurity Threat Protecting Big Data

Transcription:

The Psychology of (In)Security Security Myths Create Risk Adversity to Change

Executive Summary The most high-profile data breaches were at organizations that failed to make the proper investments to properly protect their critical data from breaches. When we consider the most high-profile data breaches of the past few years it should be alarming. The most high-profile breaches have all been at multi-billion dollar organizations, yet they failed to make the proper investment to properly protect their critical data from breaches. They failed to make the proper investments because they were afraid to make any substantial changes. It is basic human nature to fall into a routine, so nothing changed for these organizations, even as the threat landscape changed around them. It has been said that the definition of insanity is doing the same thing and expecting different results. These breaches have resulted in lost trust for these organizations, lost value for their shareholders and have lost jobs for those responsible for protecting this critical data. Each year, organizations will spend $75B investing in security solutions, yet the frequency and magnitude of breaches continues to grow. The problem is that organizations are investing in the status quo by continuing to purchase and deploy legacy security solutions that are incapable of addressing the reality of the threat. The challenge for security professionals is that the majority of security vendors trade on fear, uncertainty and doubt (FUD) to sell solutions that inevitably fail. When these solutions fail, security vendors turn to two common excuses that are perpetuated as myths. These two pernicious myths that security vendors spread are to assume compromise and that sophisticated attack cannot be defeated with existing security solutions. 2

Myth #1: Assume Compromise When you walk the floors of industry trade shows and speak with security vendors, one of the most predominant endpoint security myths is assume you will be compromised. Bromium customers know this is a fallacy, but as a result of this axiom, the security industry has remained obsessed with post-breach detection, but at the cost of less protection. The reason this myth persists is because assume you will be compromised is a self-fulfilling prophecy. If you believe you will be compromised then you will make investments in detection and remediation, instead of considering more effective forms of endpoint protection. It is a vicious cycle: assume compromise, invest in detection, compromise occurs because of inadequate protection, successful attacks are detected, and incorrect beliefs are validated. Repeat into the next budget cycle. Myth #2: Advanced Attacks Are Too Sophisticated to Be Stopped Sophisticated attacks present a significant hurdle for legacy endpoint protection. Sophisticated attacks may incorporate malicious websites, email or documents that have been developed to evade detection. Therefore, even diligent security teams may not be alerted to a compromise. Additionally, continuing technology trends, such as cloud computing and mobile employees are relocating corporate assets beyond the corporate perimeter, increasing the need for effective endpoint protection. When a mobile user connects to an untrusted network, it is imperative that attacks don t slip through the cracks. Beyond the sophistication of attacks, there is also a balance between security and operations. Primarily, operations are concerned with ensuring that an organization remains productive, while security is concerned with compensating 3

Compromise will occur if organizations continue to invest in detection instead of protection. for vulnerable technology. For example, an organization may have developed its own legacy application that uses outdated and unpatched versions of Java to run, despite the obvious security vulnerabilities. Therefore, an effective endpoint protection solution must be able to securely enable both legacy applications and new computing models from sophisticated new attacks without breaking them. Protection is not enough if we are not also maintaining a great user experience. Adapting to Change: Fixing a Broken Model There is an old saying in corporate America, No one ever got fired for buying IBM, because IBM was trusted as the leader. If it isn t broken, then don t fix it. The problem is that security is broken; it only appears to be working until the next major breach. It is critical to understand that the majority of information security solutions do not work as advertised. The reason it seems like endpoint security is a losing battle is because the current security model is broken. For example, the NIST Cybersecurity Framework organizes five basic cybersecurity functions: identify, protect, detect, respond and recover. Three-fifths of this framework (detect, respond and recover) assume compromise will occur. Of course, compromise will occur if organizations continue to invest in detection instead of protection. Perhaps the only reason your organization hasn t made the headlines is because it is lucky enough to avoid attention. Or perhaps it has been breached, but it hasn t been detected. The security industry will sell $75B of products that will inevitably fail. We must realize the psychology of our insecurity. Government regulation and industry mandates are not enough. Security infrastructure must provide a foundation that is secure by design because there is no army of security professionals large enough to analyze and respond to the haystack of alerts, looking for the needle of the attack. 4

Security infrastructure must provide a foundation that is secure by design. The reality is that many CIOs and CISOs know that the technology they use to secure the enterprise will fail them, but they don t know how to succeed. The answer is to adapt to change. Adopt new technology initiatives that do not fall victim to the security fatalism of assume compromise. Those are the stories of security professionals that are indulging in their failure. Your organization can be secured quite simply: use micro-segmentation to isolate your networks and applications. Ensure all your PCs and mobile devices are untrusted even if they attach to your network directly by ensuring that they access your applications from a separate network segment. Virtualize your data center, and micro-virtualize your PCs. ABOUT BROMIUM Bromium has transformed endpoint security with its revolutionary isolation technology to defeat cyber attacks. Unlike antivirus or other detection-based defenses, which can t stop modern attacks, Bromium uses micro-virtualization to keep users secure while delivering significant cost savings by reducing and even eliminating false alerts, urgent patching, and remediation transforming the traditional security life cycle. Bromium, Inc. 20813 Stevens Creek Blvd Cupertino, CA 95014 info@bromium.com +1.408.213.5668 Bromium UK Ltd. Lockton House 2nd Floor, Clarendon Road Cambridge CB2 8FH +44.1223.314914 For more information go to www.bromium.com or contact sales@bromium.com Copyright 2015 Bromium, Inc. All rights reserved. WP.PsychSec.US-EN.1510 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information