SMH article claims: “There is no Security”; we disagree

June 20th, 2011 — 2:46pm


Do you think for even a fraction of a second that the doors and windows of your home are going to protect you from an intruder? I am sure you don’t. Without a doubt, an intruder who is determined to get in will find a way. That is why we also have intrusion alarms with back-to-base monitoring, neighbourhood watch programs, a guard dog and police response, to name a few of the additional security measures. The security of your home depends not only on protection measures, but also on detection and response.

Which is the most important? Well, naturally you would say protection, but consider this: What if someone did break into your home, thus defeating your protection, but detection and response resulted in the intruder being apprehended before helping himself/herself to your valuable assets? No damage done, no loss of assets.

This thought was running through my mind the moment I read an article in the Sydney Morning Herald on 16th June 2011 titled: ‘There is no security’: hackers take down CIA site. My belief is not that there was no security, but that there was simply not enough of the right kind of security. earthwave has always told clients that security requires complete coverage: that is, protection, detection and response. The havoc created by the hacking group LulzSec in recent attacks launched on the CIA, FBI and Sony’s PlayStation Network is helping organisations to see the reality that earthwave has been preaching for years. In fact, we can only expect more attacks like these to shed light on the mistaken practice of thinking that security is protection. You should therefore be ascertaining whether your organisation is relying on protection only, or whether it also has detection and response capabilities.

We all know that recent victims of LulzSec’s attacks have had large funds at their disposal to spend on security. The question is: are all of these funds being poured into protection, detection and response? My guess is that protection gets the most focus, yet we know that protection, at best, is a weak form of security. How long would it take for someone to pick a lock, kick down your door or hurl a brick through a window of your home? Information security is no different – protection of your assets without detection and response is just not enough.

Now, you could spend a lot of money on turning your home into a fortress, but at what cost would you feel secure? Would you ever feel 100% secure? We can guarantee you that if you have not already been hacked, you will be hacked. Protection will buy you a little extra time and nothing more. If you think buying more protection is key, then think about the fact that no matter how excessive the protection at the Pentagon may have been back in 2001, it was still susceptible to terrorists who flew a plane into it. Wouldn’t detection of and response to a terrorist-hijacked plane have been a more cost-effective solution?

If you want to apprehend the bad guys before they get to your valuable assets, then augmentation of protection with 24×7 detection and response will be critical to keeping your organisation out of the increasingly topical information security news.

Category: Firewalls, Security
