To protect your home from an intruder you make sure the doors and windows are all locked and secured. You might even go further by building a fence around the yard, perhaps even having an angry-looking dog to stand guard.
But there’s no point going to all that effort if someone’s already broken in and set up camp in the basement.
Yet that’s the security policy of thousands of big businesses trying to protect their data from cybercriminals.
They do many of the right things. They invest in security software. They take a strong, multi-layered approach to security – including all the things we recommend, like multi-factor authentication, encryption, reliable backup systems, and staff training.
But they don’t pay enough attention to detection and response. That involves constantly scanning systems for any sign that a crook may have gained entry somewhere, and having a process to stop an attack in its tracks.
A new study shows that only a third of businesses place detection as their main priority, while two-thirds say prevention is their primary focus.
That means they could be building 10-foot walls around their systems with intruders already inside.
In-house security teams might be super-confident in the security measures they’ve put in place. But the data suggests that they’re being too complacent. The study reveals that more than eight in ten businesses experienced more than one data breach last year – even with good security.
Criminals are constantly finding ways to evade security. That tells us that we need to take a rounded approach, with solid prevention AND detection policies providing the best protection against today’s determined criminals.
Published with permission from Your Tech Updates.