“Predictions are difficult, especially when they concern the future.” This statement, which has been attributed to either the American author Mark Twain or the German comedian Karl Valentin, can easily be applied to cyber security.
In our industry, it is sometimes even difficult to predict what will happen in the next 30 seconds - let alone twelve months. My colleagues and I believe that it is more productive to forgo (more or less vague) forecasts and instead ask (difficult and unpleasant) questions - in order to create new ways of thinking.
Many predictions in the IT industry describe only the “what” and “how”; only a few also deal with the “when, where, why and who”. But these are exactly the questions that really matter. Albert Einstein said, “If I had an hour to solve a problem, I would spend 55 minutes thinking about the problem and five minutes thinking about the solution.” Because once you know the right question, you can solve the problem in a short time. I think this finding also applies to cyber security. Right now, those responsible in companies and authorities are facing major challenges in view of a threat situation that is evolving ever more rapidly. This results in four central questions that should be asked at all management levels.
The right questions lead to good answers
- 1. Do we have the knowledge required to correctly assess risks? “Some people would rather drown than call for help” is one of the many well-known sayings of the German poet Wilhelm Busch. Unfortunately, it becomes clear again and again that those responsible in organizations have (too) little experience in the area of cyber security, and many also overestimate the quality and effectiveness of their defense systems. That's why it's important to remain humble about some things in life in general and, specifically, to ask experts for help. Ideally, this happens before the dreaded emergency has occurred, not only afterwards.
- 2. Can our employees be bribed? The hacking group Lapsus$ did just that: According to Microsoft, it gained "first access in a variety of ways, such as paying targeted companies' employees, suppliers or business partners to access login credentials and authorize multifactor authentication." In other words, sometimes it's even easier than the French playwright Molière's saying, "Where one door closes, another opens." Because if you're simply let in through the door, you don't even have to break in. Ongoing employee training on IT security and compliance should be part of the mandatory program in order to close this potential gap.
- 3. What is the craziest way hackers could access our data? The idea behind the phrase “think outside the box” – comparable in German to “looking beyond the box” – comes from Norman Maier. Back in 1930, the American psychologist defined the concept behind the phrase, which many management consultants used in the 70s and 80s. He found that less than five percent of students had this ability. They were so limited in their way of thinking that they couldn't see the proverbial forest for the trees. Therefore, it is necessary to create an environment that encourages innovation so that teams can think outside the box.
- 4. Are we addressing the most important threats – or just the most urgent? The Eisenhower Principle, named after the former US President, is a way to categorize tasks according to urgency and importance: There are “two types of problems: the urgent and the important. The urgent ones are not important, and the important ones are never urgent.” His decision-making principle was simple: only the things that were urgent AND important had priority for him. Security teams should be guided by this, for example when prioritizing security risks in IT and OT.
About SentinelOne
SentinelOne is a global leader in AI security. The Singularity platform detects, prevents, and responds to cyberattacks at machine speed – enabling organizations to secure their endpoints, cloud workloads, containers, digital identities, and mobile and network-connected devices quickly, accurately, and easily.