Early on in life, most of us were told, never assume. I’m frequently reminded why this is such great advice. Susan Boyle’s appearance on Britain’s Got Talent may be the greatest example I can think of. Admit it, you assumed it would be awful, didn’t you? (Simon Cowell sure did, and anyone who can shut up and humble him – even for a moment – is a hero in my book!)
In the security world, we make assumptions every day. About threats, about threat actors. About what we think we know, and what we think we don’t know.
When you hear about a high profile breach or rash of identity theft, what do you assume? Some sophisticated nation-state, or some shadowy underworld criminal gang? Does the “who” even matter?
Arbor’s Dan Holden wrote a great piece for Wired’s Innovation Insights blog titled Attribution Charade: Leave the ‘Who Done It’ of Attacks to Hollywood
Attribution, when achieved, can provide important information about attacker motives, particularly when it involves nation-state attacks. However, the reality is that chasing the ‘who’ over the ‘how’ is a luxury few businesses can afford. It’s time to focus on what truly matters: protecting and defending the business by focusing on the techniques of the attackers and the targets they are going after. Focus on identifying the most important assets to the business, which often means a need for better visibility, and increased protection that allows for understanding and detecting attacks at any stage of the kill chain. Focus on putting processes in place that will force rapid response to actual intrusions in a timely manner. Leave the “who done it” to Hollywood.
I agree with this, but as with making assumptions, there are other life lessons to consider, such as “exceptions to the rule.” Here is one such example.
The post Don’t assume, and other great life lessons appeared first on Arbor Insights - Our People, Products and Perspective.