What makes something secure?

Share on facebook
Share on twitter
Share on linkedin
Share on email
Share on whatsapp

This is not a simple question, especially when it comes to cybersecurity, but there is actually a simple illustration that can help answer it.

Think for a moment about physical security of a building, whether it is your home or your place of business.  What do you have in place to secure it?

In general, there are about a dozen items that come to mind, including doors, locks, fence, alarm, motion detection, monitoring, neighborhood watch, dog, gun, police or security guard.

In reality, it’s not the individual controls, but in fact the system that provides security.  Each component falls into one of 3 categories:

1) Proactive protection

2) Detection

3) Response

Now think about this.  Which category is MOST critical to security?  The majority will initially respond that column 1 is the most critical.  But let’s say someone is able to breach your locked door, bank vault, or firewall.  What is providing security at that point?

Category 3, the response you might say.  And eventually that may help.  But what if that breached door, vault or firewall is not noticed for days, months or even years?  What good will the response be if it is not timely?

There’s the “Aha” moment.  Detection is critical to security.  You can’t prevent all unauthorized access, and you can’t respond until you detect.

Make no mistake, all of the categories are important to deter and minimize risk.  But if you are like many organizations, when it comes to cybersecurity, you have a lot of proactive protections (firewalls, patching, security testing), little to nothing in Detection (IDS/IPS, endpoint, 24/7/365 monitoring) and maybe even less that can help you in Response (Incident Response plan, disaster recovery, and even cyber insurance coverage).

A tough question, but the answer is a little clearer now, isn’t it?

Foresite admin
Website | + posts

Sign Up For Our Blog

Get our latest content delivered to your inbox.

partner with foresite consulting to become a More Effective Leader

Develop the skills and strategies you need to take your company to the next level of success.

Foresite Cybersecurity Announces Pivot to Open XDR & Compliance Platform

Search