Charles Renert, vice president of research and development for Websense Security Labs, stopped by CSO’s headquarters today. The discussion was primarily around an upcoming threat landscape report Websense will be releasing soon. But we also had the chance to discuss Renert’s perspective of what he said is a continued emphasis on “reactionary” security among many organizations and security leaders.
"A lot of the companies I talk to don’t make a proactive investment,” Renert told me. “They wait to be attacked, then put measures in place. But, in the heat of the battle, you aren’t going to have good security architecture in place.”
Renert made what I thought was an interesting statement about being “proactive” with regard to your security posture.
“Proactivity helps you understand how the attackers work. When you put your mind into the framework an attacker works from, you see the kind of opportunities they look for.”
As most of you know, primarily, hackers are seeking financial gain these days. But those attacks can come in many forms; from theft of IP, to invasion of privacy of a certain employee to extract key data, to web site or other brand defacement because they are working for an entity that is trying to sully your reputation.
These types of attacks are becoming more targeted, more long-term in the hope of paying off with a “big win” in the end, said Renert. But security leaders at many organizations still aren’t paying enough attention.
Feeding into their distraction, said Renert, are the constant headlines about hacks to sites like Twitter and Facebook, which tend to get a lot of tongues wagging, but do not really represent the kind of threats an enterprise needs to guard against.
“A security executive will call me and say ‘Twitter was hacked again. What can I do to protect my users?’”
While well-meaning, Renert believes the emphasis on these kinds of high-profile threats is misplaced, and all organizations need to reexamine their own internal controls to ensure they reflect the real attacks they are up against – which can be going on silently, in the background, undetected for years.
“The punchline for CSOs is that the controls that have been deployed, and the way CSOs think about security, doesn’t always reflect the reality of the threat landscape today,” he said.
Do you agree with Renert’s assessment? Is your security posture proactive or reactive?