Security Worries: Friday the 13th Edition

A. Braunberg

A. Braunberg

Summary Bullet:

  • Luck favors the prepared.
  • Prepare for breaches through better visibility and forensic tools.

In Western cultures, Friday the 13th is considered a particularly unlucky day.  The superstition is of relatively recent vintage, though it seems to derive from the separate but long-standing considerations that 13 is an unlucky number and Friday is an unlucky day.  Security folks are not a particularly superstitious lot, but I think we can all agree that we can use all the luck we can get.  However, any discussion about luck brings to my mind a famous quote that is usually remembered as “Luck favors the prepared (actually, the quote by Louis Pasteur is “Chance favors the prepared mind”).

Honestly, you do not hear security pros carping about their bad luck after a breach.  That being said, in spite of the best preparation, luck or chance can certainly play a part.  Think of something as commonplace as a phishing attack.  You could have updated host protection in place and still find it ineffective; and you could provide employees with security awareness training, but still find that whether or not they open a particular e-mail and click on a particular link is actually pretty random.  Still, that is not really a conversation that CISOs want to have when they are fighting for security budget.  However, it does emphasize the need for robust forensics and remediation tools and expertise, as well as deep real-time visibility into (and analysis of) traffic across your network.

The place you really do not want chance to play a part in your security posture is how and when you discover a breach after it has occurred.  The worst way is a call from the FBI (they have been tracking IP leaving your networks and arriving at a known bad actor).  The best way is by flagging anomalous behavior on your networks, quickly and in an automated fashion, and tracking that behavior back to a root cause.  The difference in these two scenarios is not luck; it is preparation.

About Andrew Braunberg
As Research Director for the Business Technology and Software group at Current Analysis, Andrew manages the Enterprise Security, Data Center Infrastructure, and Enterprise Network Systems coverage. As the lead analyst for Enterprise Security coverage, he focuses on the market and technology dynamics that are transforming the industry, including virtualization, mobility, the consumerization of IT, embedding of security into the broader IT fabric, and a shift to data centric security.

What do you think?

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: