Tim Conkle, CEO, The 20
“The elephant in the room with security is just authenticating who someone is, even if they’re contacting you from a known source. People focus on secure locks, deep machine learning antivirus solutions, advanced network filtering and security, alerting, etc., but miss the fact that it doesn’t matter how secure your environment is if your user opens the door for an intruder. If someone calls to get a password reset and they identify themselves, know a few security questions, etc., are you sure they are who they say they are and not a deep-faked voice with a little bit of social engineering and research?
“We live in a post-security world. It’s not enough to try and just prevent a breach, you need to know what to do when one happens. No matter how much security you apply, technology is too complicated and the technological arms race too high paced to remain impenetrable. Even air-gapped machines have been infected by the right strategy. It’s not a matter of if you’re breached, but when. Your preparations and your response makes the difference between being down long enough to go bankrupt, and it just being a moderately stressful day.
“Detection of a security breach impacts the damage done to your environment. If a computer gets infected and your setup quarantines it and alerts you as soon as something out of the ordinary happens, you’re going to fare better than a backdoor sitting on a network for weeks with a threat actor doing whatever they want. Having the technical setup to roll back affected systems and square away all the security issues (credentials, infection, backdoors, etc.) is one thing, but one machine is easier to fix than 100. The sooner you know, the less work you need to do.”
