Why cybersecurity solutions aren’t working
At one point or another, someone probably had to explain to you Albert Einstein’s definition of insanity: doing the same thing over and over again and expecting a different result. The reason we are in this situation is that we, as an industry, aren’t coming up with solutions that address the problem from an alternate perspective. We are so focused on keeping things from coming into our network that we forget to pay attention to connections being sent out of our network. We are ultimately assuming that everything going out of our network is safe. Because if we create enough layers of security, nothing bad can ever get in, and therefore, nothing bad could ever get out, right? This sounds good in theory, but it is this one-way thinking that has led us to where we are today.
A few years ago, a Bloomberg study showed evidence of chips manufactured overseas containing hidden malware built into the device before being shipped to its final destination undetected. There is some debate on the credibility of this study, but for the sake of this argument, whether it is true or not is irrelevant. What if it were true? What if just one chip had malware? The walls of Troy were strong. They had never been breached. But what took them out? An attack from the inside.
What if we operated on the assumption that our network could never be 100%, unquestionably “safe”? And what would a solution like that look like?
A new, inside-out approach
A typical security solution monitors traffic coming into your network and alerts you if it sees anything that may look nefarious. IT teams must then research these alerts – some companies see tens of thousands of these per day – and determine which of these are valid threats. There are thousands of entry points into your network – that is simply the nature of the beast. The larger the company, the more entry points exist. And no security architecture, no matter how layered or sophisticated, can guarantee impenetrability.
The inside-out approach assumes that your network will be compromised at one point or another. However, the presence of malware inside your network alone cannot harm you. Malware requires a connection to complete its task. Without an outbound connection, it simply cannot deploy malicious code.
To stop cyber attacks, you must look at both incoming and outgoing traffic.
It is the outbound traffic that ends up taking down the ship. Hackers first accessed SolarWinds on September 4, 2019. It wasn’t until long after the code was removed from their systems that the attack was discovered. Monitoring these connections, identifying bad agents, and disallowing them from sending out “phone homes” is the only way to prevent successful attacks. We cannot prevent attacks from happening, but we can prevent the ability of an attack to carry out its mission. Here’s a quick read on Sunburst and why our customers weren’t impacted.
Looking inward to move forward
Hackers are getting smarter. Artificial intelligence is being used for evil. If you have a network, you are a target. To protect ourselves and our businesses, we must change the way we think about cybersecurity. And, as with many things in life, it starts by looking inward.