A Painfully Obvious Truth From Gartner
Here’s a great nugget from this year’s Gartner show in DC: you’re gonna get nailed. Just accept it. The keynote speaker provided some takeaways, and that was the one that finally confirms what I’ve been telling people for a while and often get frowns for. You will be breached. So now you say, “what’s the point of living? I should just kill myself now.”
But wait, grasshopper. Two more points to make now.
First, “breach” means somebody got in and left their dirty fingerprints. Bypassed your feeble firewall. Cracked some passwords. It doesn’t necessarily mean they stole or broke anything.
Second, were you prepared when it happened? The sooner you resign yourself to the fact that you WILL get breached, the sooner you will prepare for THAT. If your entire strategy is based on keeping evil-doers out, you’re already screwed. Because you won’t keep them out. So plan for limiting, mitigating, or eliminating the potential damage.
In the olden days, defenders would retreat behind a line they knew they could defend, and they burned all the crops and villages in their wake, burned their own stuff, to give the invaders nothing to live off or hide in. I’m not saying you should burn your server, unless it’s an AS/400, but I’m saying, don’t give the invaders anything to live off or hide in.
- If data is encrypted, it doesn’t matter if a bad guy in a mask walks off with your server on a dolly.
- If production data is masked before it’s used in testing, it can’t be compromised.
- If your network is segmented, you’re possibly allowing for some damage, but not total destruction.
- If you implement segregation of duties, especially at the database level (INCLUDING service accounts), you are preventing invaders from using your own privileged accounts against you.
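The two database-side items above, masking before test use and segregation of duties for service accounts, in working SQL. This is an added example, not code from the original post; it assumes PostgreSQL, and every table, column and role name (customers, app_service, ci_runner, schema_owner) is made up for illustration.

```sql
-- Added example (not from the original post). PostgreSQL is assumed; all
-- table, column and role names are made up for illustration.

-- 1. Production table: the thing a thief on a dolly would want.
CREATE TABLE customers (
    id          serial PRIMARY KEY,
    full_name   text NOT NULL,
    email       text NOT NULL,
    card_last4  char(4) NOT NULL,
    balance     numeric(12,2) NOT NULL
);

-- Constructed sample rows.
INSERT INTO customers (full_name, email, card_last4, balance) VALUES
    ('Ada Example', 'ada@example.com', '4242', 1200.50),
    ('Bob Sample',  'bob@example.org', '1111',   55.00);

-- 2. Masking before test use: the test copy keeps the shape of the data
--    (row count, types, rough distribution) but none of the identities.
CREATE SCHEMA test;
CREATE TABLE test.customers AS
SELECT
    id,
    'customer_' || id                AS full_name,
    'user' || id || '@test.invalid'  AS email,
    'XXXX'                           AS card_last4,
    round(balance / 100) * 100       AS balance   -- bucketed, not exact
FROM customers;

-- 3. Segregation of duties at the database level.
--    The application service account can read and write the rows it
--    needs and nothing else: no DDL, no role management, no superuser.
CREATE ROLE app_service LOGIN PASSWORD 'replace-me'
    NOSUPERUSER NOCREATEDB NOCREATEROLE;
REVOKE ALL ON SCHEMA public FROM PUBLIC;
GRANT USAGE ON SCHEMA public TO app_service;
GRANT SELECT, INSERT, UPDATE ON customers TO app_service;
GRANT USAGE, SELECT ON SEQUENCE customers_id_seq TO app_service;
-- Deliberately not granted: DELETE, TRUNCATE, and anything in schema test.

--    The test/CI account sees only the masked copy, never production.
CREATE ROLE ci_runner LOGIN PASSWORD 'replace-me'
    NOSUPERUSER NOCREATEDB NOCREATEROLE;
GRANT USAGE ON SCHEMA test TO ci_runner;
GRANT SELECT ON ALL TABLES IN SCHEMA test TO ci_runner;

--    Schema changes belong to a separate owner role that is used only by
--    migrations (via SET ROLE from an admin), never by the running app.
CREATE ROLE schema_owner NOLOGIN;
ALTER TABLE customers OWNER TO schema_owner;
ALTER TABLE test.customers OWNER TO schema_owner;

-- 4. Check: what could each account do if its credentials were stolen?
--    Run as a privileged user; the answer should be exactly the grants
--    above and nothing more.
SELECT grantee, table_schema, table_name, privilege_type
FROM information_schema.role_table_grants
WHERE grantee IN ('app_service', 'ci_runner')
ORDER BY grantee, table_schema, table_name, privilege_type;
```

The point of step 4 is the same as the post's: assume the service account's password leaks, then read the grant list as the attacker's shopping list. If the list is short and boring, the breach yields little.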
Here’s another point. Multiple customers have told me they won’t get fired for a breach, because even their BOSSES know it’s going to happen. But they WILL get fired if
1) They’re not prepared to react to a breach
2) They fail the audit in advance of a breach
See, breaches are baked in, at least by people who know what they’re talking about. If the bad guys get in, and they get nothing useful, then you’re good.
For now.
One more important thing from the Gartner show in DC: the Gaelic steak at Harrington’s Irish Pub is freaking phenomenal. What’s that got to do with security? Nothing.