Many organizations are thus shifting their attention and resources to mitigation - limiting and stopping attacks in progress - and to business continuity and recovery.
A recently released study by accounting firm EY entitled “Global Information Security Survey 2013” documented this change of cybersecurity focus. The report found that 51% of corporate executives surveyed had set their 2014 information security priorities in business continuity and disaster recovery, eclipsing their focus of 13% on information security risk management.
In other words, if the beach cannot be held, retreat to the next line of defense.
The recognized weakness of relying on protective measures for prevention is typified by the recent cyberattacks on Target. In my recent post on this massive breach, it was clear that despite a new $1.6 million cyberattack detection system, 24/7 monitoring, and a cybersecurity staff approaching 300, Target was still unable to prevent these attacks. Had it not been for the alert attention of the U.S. Secret Service, Target might not have known the attacks were in progress for some time.
What does this shift of attention say about our economic and national cybersecurity?
That the United States is increasingly vulnerable. The very admission that attacks are exceedingly difficult to stop and that protective resources will retreat to be redeployed in the next line of defense is cause for alarm. This is particularly concerning when considering future implications.
Where will we be when we conclude that focusing on attack mitigation is also an increasingly losing battle? Will we then have lost the battle in the trenches, as well as on the beachhead?
Where, then, is the next line of defense? See next week’s post for one possible answer.