Keep Pounding!! If you are a Carolina Panther football fan, you heard this phrase all the way to Super Bowl 50. Liken to most sports, “a great defense with a good offense will typically win the game.” When it comes to IT security, the same holds true.
We’ve also heard “the best defense is a good offense.” This is rarely true. Take tennis for instance, if you are playing someone who has a great backhand and serve, but you defend all the player’s shots, chances are one of your returns will eventually score. The same holds true with football, basketball, baseball, pool, foosball, cornhole, Risk, and most other sports or games. A good team or individual that can consistently apply “great defense” to stop the other team’s offense, will typically come out on top.
In this IT scenario, the offense would be the “bad guys” and instead of sending people balls and bean bags, they are sending bugs, bots, viruses, malware, trojans, ransomware, or other malicious attacks. These offensive attacks are coming from many directions and their intentions are to win the game. What is on the line? In this game you could lose your (or someone else’s) identity, your life savings, your credit card information, medical records, trade secrets, passwords, contact lists, your job, customer goodwill, etc., etc., etc. The worst case scenario, you could be fined millions of dollars by the government. If you like the things that you have, you do not want to lose this game!
The game is a tough match these days. Many of you have heard of Software-as-a-Service (SaaS), that has made it easier to acquire, operate, and manage software over the past 15-years. The programs are in the cloud where hundreds or thousands of users can get access from an internet connection while the supplier or developer applies updates, hardware, and maintenance as needed. SaaS users typically pay a reasonable monthly or annual fee for use of these applications. Well…have you heard of Malware-as-a-Service (MaaS)? MaaS is a service now available to crooks and hackers for a monthly fee. Criminals are now earning $16-billion per year and are creating $500-billion in damages to good folks (estimated to grow to $2-Trillion by 2019). Among other methods, this malware or trojan can get on your computer through an e-mail, URL link, or by simply visiting a compromised website.
In football, if you didn’t wear a helmet for protection, you may be fined for a while but sooner or later you would get hurt or killed. If someone tries to say that web protection isn’t a problem for them, they probably don’t realize the extent of the danger. Of course, if you are familiar with the security industry, you’ll often hear some crazy numbers which sound exaggerated. For instance, a new malicious URL is found every 2 seconds, or there are tens-of-thousands of malicious URLs discovered daily, or 80% of those infected websites are legitimate sites hijacked by crooks to distribute malware. These are mind-boggling stats, but that doesn’t mean that every site you visit is going to infect you. Fortunately, the internet is a large area and while you may not get hit by a threat on any given day, it is just a matter of time the way things are going.
I know of several families that have added the iRobot Vacuum Cleaner over the holidays. We are now in the age of the IoT (short for Internet-of-Things). These “things” have IP addresses and are embedded with electronics, software and/or sensors, and can be accessed through a network or the internet. Things like: security systems, thermostats, stoves, gates (and other smart home options), cars (intelligent transportation), etc…will eventually play a part in smart grids and smart cities. It is estimated, that 50-billion IoT objects will be in use by the year 2020. 3-years from now! Can you imagine what can happen without a great defense?
Currently, computers, networks, laptops, tablets, smartphones, and good people (in general) need protection from these crooks and hackers. A smart or learning security service should be put into place that can communicate with the server, web, and endpoints. Once there is a good anti-virus/ransomware solution and a network/web security solution in place, they can all talk to and learn from each other to better protect you. Select one vendor with a great defense from all these different directions and you stand a much better chance of winning the game!