Many organizations make the error of thinking that basic defensive software is sufficient to protect critical data and infrastructure. In reality, government and enterprise organizations need comprehensive defensive security approaches to keep their data protected from increasingly advanced cyber threats. And even with advanced, comprehensive solutions, there are still risks.

No organization is ever going to be able to protect 100 percent of its assets 100 percent of the time, which is why I work on the 95/5 principle. No matter how many security solutions are deployed, if attackers are determined enough, they will find a hole. Humans make mistakes, and without fail, attackers will take advantage of them.

With comprehensive security approaches, we can regularly block at least 95 percent of threats, but there is always going to be a margin of error: the other 5 percent. A proactive, continuous approach can help ensure the vast majority of offensive moves are rejected.

So what happens when that 5 percent slips through? A mitigation plan is critical. You need data collection processes, analytics, and a dedicated team to spot these incidents before serious damage occurs. You also need processes to minimize damage and to respond to your business partners and customers in a precise and timely way, so that any impact is minimized.

To learn more about how you can approach security defensively (and how it relates to Michael Jordan’s defensive strategy), check out this recent article that I participated in with SC Magazine: Full-court press: The defensive approach to security.


Steve Martino

No Longer with Cisco