You wouldn’t fire your cleaners if your office was spotless. The same’s true of cybersecurity: we must get better at managing the virtual dirt on our networks.
There is a line in a 2019 keynote speech by Mikko Hypponen, the CRO of F-Secure, that goes something like this: “If we do our job in cybersecurity, then nothing happens.”
It’s so true and made me think of the times when various corporate executives challenge their investments in cybersecurity, wanting to see something tangible. Hypponen made this point by asking the audience to look around at the conference room where these conversations are taking place, asking them if it’s cleaned to their satisfaction. If so, perhaps they should fire their cleaning staff, because they’re no longer needed.
Cleaning up the virtual dirt
Now, the difference between your security engineering staff and your cleaners is obvious. You can’t see all the virtual dirt and digital clutter that’s building up across your network, the cruft of old software that needs updating and polishing, and the garbage that your users download onto their PCs that will leave them susceptible to attack. And that’s part of the problem with cybersecurity: most things are invisible to mere mortals, and even specialists can’t always agree on the best cyber-hygiene techniques.
Most of us have an innate sense that mopping the floor before dusting the shelves above is the wrong way to go about cleaning the room. That’s because we all understand (at least on a basic level) how gravity operates. But when it comes to cybersecurity, should we be changing our password regularly (some say yes, some say nay)? Or using complex strings of a certain length (some say 10 digits is fine, others say longer ones are needed)?
Be prepared for a breach
Hypponen ends his talk by saying that we must assume that we’re all targets for someone, whether they’re a hacker who’s still in high school, or an international spy who’s eager to get inside our company’s network. He says:
The times of building walls are over, because eventually someone will get inside our enterprise. Breach detection is key, and we all have to get better at it.
I agree completely. We must get better at seeing the virtual dirt on our networks. Building a better or bigger wall won’t stop everyone and will just foster a false sense of cyber-immunity. And the fact that nothing happens doesn’t mean that cybersecurity folks aren’t hard at work. They’re the cleaners we don’t ever see, unless one day they fail to clean up.
This article represents the personal opinion of the author.