During FOCUS10, we announced our Security Connected initiative as a way to get the enterprise one step ahead, breaking down the silos of security technology and processes. In January, we’ll dissect all the elements of Security Connected here on the blog. As an introduction to this series, we thought we’d remind you of the surefire ways to get hacked – by ignoring the 5 key elements to any security program: discovery, prevention, detection, response and audit.
Discover: Don’t waste time figuring out where all your information is, the bad guys will do it for you. Instead, spend time blogging about the new Nikita series and how it doesn’t match up to the one from the 90’s. Besides, when has understanding what the bad guys are targeting ever helped versus finding out if Michael and Nikita will rekindle their relationship.
Prevent: Prevention is overrated. Wouldn’t you rather maximize your time spent farming on Farmville? Let’s get back to the early days of ARPANet; take what you want and leave what you’ve got.
Detect: Just take a look at all the guys at the beach walking around with their metal detectors – what makes you think you’ll find anything? (There are no bottle caps on the Internet.) While you’re at it, by removing the smoke alarms and sprinklers in your place you can make room for that sweet skylight.
Respond: Talk about cutting into your weekend – who has time to respond to critical incidents? Just look away and hope it will fix itself; maybe just reboot the BGP router or unplug and plug you’re your network cables a few times – security via the on/off switch.
Audit: So you found something bad on your network? What are the chances of that happening before? Bad guys are like lightning, they only strike once; and if they are successful they count their blessings and find a new target.
Any one of these elements alone is not effective – however, together, they’re the essential building blocks to a robust security strategy. This foundation enables the enterprise to be strategic, re-focus IT and security efforts on enabling business initiatives, and deal with threats quickly and use fewer resources.