Proactive versus reactive cyber security
Updated: Jan 21, 2018
October 12, 2017 | Dr James Carlopio
The vast majority of today’s cyber security efforts are reactive. Virus protection, anti-spam, anti-phishing, patching and the like are focused on dealing with known vulnerabilities. Since we know about virus X, we can protect ourselves against it. Security policies and procedures are similarly focused on protecting us from known threats. We create and enforce a policy requiring password changes because we know that passwords get stolen. Even when we move to education and awareness-raising, we are still educating and raising people’s awareness of known and likely problems. It is not until we make the jump to cultural cyber security that we change our thinking from reactive to proactive.
A proactive cyber secure culture is one in which people are constantly vigilant. Care for themselves, their loved ones, their colleagues and organisations is their primary focus. People choose security because they no longer see it as an inconvenience; they see security as a way to protect and provide for those who matter to them. Cultural cyber security requires people to think about potential vulnerabilities and to proactively prepare themselves and their organisations.
Social engineering scams always have to do with the 3 Ps – procreation, provision and protection – because that is where we are vulnerable. Procreation, provision and protection are the three fundamental instinctual drivers of human perception, attitudes and behaviour (see blog on the 3 Ps).
When criminals think of new social engineering opportunities, they focus on the areas in which people are emotional, such as money and sex. For example, before someone first conceived of an online dating scam, they thought about where people are vulnerable and emotional. People are emotional and vulnerable when it comes to relationships and the people they love. In a conscious care cyber secure culture, people are aware of this. This is one of our core differentiators. Everyone else is reactive, while we at CCS create a proactive culture that actually looks to find its vulnerabilities before they are ever exploited. We constantly ask questions such as:
• What information and data do we have that can be monetised?
• Is this offer (email) for real?
• What could go wrong?
• What are the potential consequences of doing X?
• Whom can I ask about this?
When coupled with advanced dark market scanning that can reduce the time-lag between when you are breached and when you find out about it from the average 206 days to a fraction of that, your people and culture transform from being your biggest security vulnerability into a proactive, high-performance security asset.