Cyber Security: Protect What You Have
There is a saying often used when discussing the route to happiness: “Want what you have.” Its origins aren’t entirely clear. I’d originally thought it to be something profound from a Buddhist movement, but Google seems to suggest an author or other famous folk.
Essentially, what it means is: if you want what you have and not like most humans, the things you do not have; then in theory, you’ll be content and on the right path to happiness.
Recently this got me thinking, can the same be true of cyber security? On the face of it yes. We’re bombarded constantly by new technology, new acronyms, phrases and concepts to worry about. How are we protecting DevOps? What about BigData Security? SASE? CASB? Do we need a WAF?
Lots of folk at cyber security vendors will wax lyrical about “protecting the unknowns” or “securing the zero days” and that’s all well and good, but if you’re a SOC operator then it’s widely reported you’ve got between 10 to 25 tools at your disposal. Some of which undoubtedly overlap, but where do you point all these new shiny products?
Realistically, what is meant by protecting or finding the unknowns? They’re unknown by description. Same goes for zero day: it’s not a threat until it’s found, then it’s a threat.
How much of that is worth losing sleep over then? Does the latest zero day actually affect us? The recent log4j CVE is a brilliant example of this, Apache’s library is used in so many places and for good reason. But when it got exploited, the security community ran around with colanders on their heads for a good week or so knocking things over in panic.
I spoke to an Admin friend over a Christmas beer: “I wrote a script that reported which of our devices had the logger on… saved us loads of time” he said proudly whilst supping at his lager. I then explained about how the exploit was used and that different versions were not in fact compromised and his face started to look puzzled. Eventually realising: “I’m no further forward then really, am I?”
So much furore is put into trying to protect at all costs, effectively let’s put product and ruleset around every single packet, every program, and every single process. When, like the quote at the top, could our time be better spent simply protecting what we have? Which as we always agree, is the data!
Maybe instead of protecting every single web packet through a complex and diverse CASB costing a small fortune, we’d be better off protecting the two cloud applications which contain the data our company does hold? If that’s done correctly, we’re probably 80% of the way towards a healthier outlook.
Gartner have coined new terminology for this type of cloud security platform, for protecting what you have, not what you don’t have: SaaS Security Posture Management, SSPM. It features on their latest hype cycle, and for those of you not yet on the CASB train to happiness, it’s a sure fire way to start sleeping better at night!
If you’re struggling to understand where you should start with your new project, then talk to one of HANDD’s Data Security Experts. Get in touch via email info@handd.com.my or call us on +603 2935 9801.
Written by Sam Malkin, Lead Solutions Architect at HANDD Business Solutions.