Time to Get Defensive

• By Keith Ward
• 12/12/2017

There are two facts I want to tell you about today:

1. I'm teaching my 16-year-old daughter how to drive.

2. My personal information was compromised in the Equifax breach earlier this year.

I wrote a feature in this issue covering the Top 10 news events impacting our industry in 2017. Two of the stories were security breaches: the Equifax breach and the WannaCry ransomware virus. I also noted that the list could have been totally filled out with various cyberattacks and not included anything else; it's become that huge a problem.

And with the advent of cloud computing, the Internet of Things and edge computing, it will only get worse. More devices are coming online every day, creating bigger networks. More data is flowing in and out of security boundaries that used to be a lot more secure. The bad guys continue to stay a half step ahead of the good guys. That doesn't seem likely to change anytime soon.

What does that have to do with teaching my daughter to drive? Well, one of the lessons I pound into her head is the idea of defensive driving. Assume, I tell her over and over, that the other guy is going to do something dumb: fly through that red light, change lanes into yours without checking first, or the myriad idiotic things that can go wrong when the brain-dead moron is texting and driving.

Same thing with IT: Expect hacks into your network. Expect social engineering. Expect your users to continue—even in 2017—to open email attachments from people they don't know. That defensive posture will ensure that you protect yourself much more securely than accepting default settings for your security software and going golfing, knowing you're safe.

Practice defensive IT. And Happy New Year!