You may believe that the FBI, the NCA, and Europol should be doing more to protect their respective citizens. Or you may believe they’ve already overstepped their authority, depending on your political point of view. But one thing you know for sure – with certainty – is that your cyber adversaries are winning the ground war and we need to find a better path forward. If the last two years taught corporate leaders anything, it’s that there are cyber criminals who are well-resourced and highly motivated to attack information networks: criminals, organized crime-rings, nation states, ideologues, disgruntled employees. So here’s my question: Shouldn’t you be pursuing them before they strike instead of waiting for the other shoe to drop? Hunting them down, every day?
Look at this Ponemon Institute study to see what happens when companies don’t proactively hunt for cyber breaches. Get ready. If you’re like me, it may feel like a gut-punch when you read it. For example, 46% of companies surveyed found out by accident that they’d been breached! Only 10% discovered their breach through proactive use of forensic methods and tools; about a quarter (23%) were notified by third parties, such as business partners, law enforcement agencies or even worse, customer complaints. What’s more, over half (53%) of the companies in the Ponemon research discovered the breach more than a year after it occurred (33%) or had no clue how long their enemies had free reign in their corporate networks (20%).
Call me a hawk: I believe companies should be on the cyber hunt – every day. It’s time to stop waiting to be victimized.
We know there’s been a clear shift. The issue now isn’t if your organization will face a cyber breach, it’s when (a refrain that is invoked far too often and is, frankly, irritating now, but there it is, I said it). Our cyber resilience team knows from experience that the battle is “won” not exclusively through prevention, which has become virtually impossible, but early detection. If an attacker is in your network three days instead of three months, you’ve won a battle and mitigated your damages significantly.
So please, whether you hire and train your own cyber forensics experts, or hire an outside expert, go on the hunt. Identify and thwart bad actors in your network before they have the chance to do serious harm to your company, your employees, and your customers.