Proactive vs Reactive Security
The cost of a data breach has increased by 29% since 2013. As the cost increases year on year, businesses have a lot to lose, yet few are willing to look at their cyber security strategies that clearly aren't protecting their assets properly.
Companies tend to go down one of two paths when securiting their systems. These are reaactive or proavtive. Depending which one yur business chooses can make all the difference whether Joe Blogs, the hacker from Surrey gets into your data and steals valuable information or dosen't.
A reactive strategy is just that, reacting to threats as and when they enter your system. This kind of thinking generally includes off-the-shelf technology like legacy firewalls, anti-virus software and contingency measures such as disaster recovery plans.
These aforementioned traits of a reactive strategy are of course important but by no means enough to protect your business!
The problem with only having a reactive strategy in place comes with the technology being deployed. Using off-the-shelf technology products may look like they will be adequate in the box but in reality are actually riddled with holes. The holes often allow vunerabilities like worms and viruses to enter your system and conduct automated attacks that can cost your business thousands.
It's been reported that 80% of reported incidents could be prevented is the software administrator were aware of these holes and downloaded a patch to repair the software.
Additional to this is the thought that a legacy firewall will still keep out intruders. These old pieces of machinery are an extremely ricky piece of technology to bet the saftey of your businesses data and assets on.
Just like old phones and computers can't keep up with new technology (imagine trying to run Google Crome on Windows 95), it is the same with firewalls.
Legacy firewalls were created way before the majority of threats out there even existed. This means the legacy firewalls has aboslutely no idea what these threats are. Without knowing what the threats are, the is no way the machine can treat it as a threat and therefore lets it through. It's effectively blind to most threats out there.
In this volatile climate of threats and vunerabilites around every corner, the best line of defence is to implement a proactive strategy.
Where banks use thick steal and concrete vaults, business need to have the same level of security for their systems. Dedicating resources to preventing unuthroised visitors onto your network is of the upmost importance and not being done by most.
A proactive strategy needs to include technology that can keep up with the ever changing threat landscape. You may discover a new threat today, but by tomorrow this will have evoloved into something far more sinister. Companies are now using sandbox technoquies where, unlike legacy products that let through anything, if a machine with sandboxing comes across something it isn't familiar with, will quarentine it in a virtual machine until it has the go ahead that it's safe.
Another feature to get proactive is with intrusion prevention which monitors and detects unauthorised visitors as and wwhen it happens and activates defense activites if anything is flagged.
It's now easier than ever to employ a proactive security strategy into your business. Many next-generation firewalls have all the tools and techniques to protect your system from threats that have never even been seen before.
SonicWALL for example, employs Capture APT which is a virtual machine which consists of three sandboxes (this means three times the protection) as well as anti-virus, intrusion protection and support whenever you need it. Getting proactive has never been simpler!