What Can We Learn from the Super Bowl?
While I’m sure we can learn something, I think we can all agree defense is boring. The same is true for security. Your defensive security, that blocked someone from potentially getting into your network, is a lot less impressive than saying you hacked NASA.
But to win the Super Bowl the Patriots defense needed to be one step ahead. Yes, Tom Brady is who everyone talks about, but if the defense hadn’t done their job, they would not have won the game.
So, I’m going to spend the rest of this time talking defense. The unsung heroes.
Defense is really hard. You have a limited budget, with limited time. An attacker can choose the time and place on where to attack, while defense must be on 24 hours a day, 7 days a week. They have no idea when or where the attack will happen, or what is going to be the target. Will it be an end user compromise or an attack on your website? When was the last time someone reviewed your firewall for open ports, or checked the permissions of your end users? These are the worries that keep the defensive team up at night.
If you are a smaller company, you might be thinking that there is no way you can even imagine having a defensive security team… you are not the Patriots with an unlimited budget. That is okay; there are things you can do to help your company stay more secure. There is no such thing as a one-box-to-save-everyone solution. Ten years ago, everyone put in a firewall and believed they were secure. Now, with people working from home, connecting with smart phones, using web applications, the firewall is only a piece of the overall security strategy. You need to give your end users security awareness training, so they have a fighting chance to protect the company and themselves from hackers. You need to do external vulnerability scans to see what type of attack vectors are available from the outside. You need to look at the logs all of your devices generate.
A trusted security partner can help. You might not be able to do everything right away, but small steps in the direction of security can pay big dividends. Feel free to contact Thrive to discuss any of our security solutions, we would be happy to help.