No one vendor, product or service can deliver your cybersecurity needs - here's why.
What is commonly called cybersecurity is derived from network, information or infrastructure security. These products and services are good at what they do, but what they do is only part of what cybersecurity is. In the modern war against cybercrime they can only deliver a small part of what your cybersecurity solution needs to be today.
When we look at what and where the risks are, 70% are external to your organisation. Of the 30% that is internal, 80-90% of this risk is your own people. This leaves >6% of your cyber risk for your boundary protection solutions. 6% is not a complete cybersecurity solution.
Cybersecurity is much more than just network, infrastructure or information security. It is much bigger than these old-world security solutions are able to provide. Cybersecurity must work the way the world works today, not as it did 20 years ago. In the modern cyberworld there are four parts to cybersecurity: Relevance, Intelligence, Proactivity and Protection.
Cybersecurity must work the way we do – Anytime, Anywhere, Any device. We don’t work in a network confined world anymore.
Cybersecurity should provide intelligence. It should be able to deliver information that can be acted on that protects the organisation. It should be able to report evidence of a breach and what information has been stolen.
Cybersecurity should identify risk before it becomes a threat to the organisation, whether that risk is inside or outside the organisation. Protective Cybersecurity should be able to react and remediate to protect the organisations critical information and systems, once a threat is known. (this is what old-world security delivers)
The Future of Cybersecurity
If your cybersecurity strategy is entirely based on Protective solutions, you don't need to look far to see how effective this approach is. Every week there's another breach story in the news. Every month the breach numbers bigger. Every year the victims more famous.
When you're looking for partners who can help with Relevant, Intelligence and Proactive, don't rely on the big name vendors. They (mostly) still believe that protection equals cybersecurity, and are focused on extending their (network) services into the cloud, or on to end points. For the other modern components of cybersecurity you're going to have to find new partners. Partners like Darkscope, who are pioneering effective cyber intelligence by going where the bad guys are playing. Your old-world protective security solutions are vital, but without the other three parts of cybersecurity, your strategy and solution might have some very big holes.