{"id":4406,"date":"2021-10-02T01:20:50","date_gmt":"2021-10-01T20:20:50","guid":{"rendered":"https:\/\/chengrob.com\/blog\/?p=4406"},"modified":"2021-10-04T18:34:27","modified_gmt":"2021-10-04T13:34:27","slug":"ten-biggest-lies-cybersecurity","status":"publish","type":"post","link":"https:\/\/chengrob.com\/blog\/2021\/10\/ten-biggest-lies-cybersecurity\/","title":{"rendered":"The Ten Biggest Lies in Cybersecurity"},"content":{"rendered":"<style>\n.number {font-size:60px;color:white;background-color:blue;font-weight:bold;float:left;width:80px;padding-bottom:0px;margin:bottom:0px;text-align:center;margin-right:20px;box-shadow: 5px 5px 4px 5px #888888;}\n.subhead {font-size:20px;margin-bottom:0px;font-weight:bold;}\n.copy {padding-top:0px;margin-top:0px;margin-bottom:30px;}\n<\/style>\n<p><img decoding=\"async\" loading=\"lazy\" src=\"https:\/\/chengrob.com\/blog\/wp-content\/uploadsnew\/cyber-nose-copy.png\" alt=\"Biggest Lies in Cybersecurity\" width=\"1200\" height=\"800\" class=\"aligncenter size-full wp-image-4449\" style=\"margin-bottom:30px;\" srcset=\"https:\/\/chengrob.com\/blog\/wp-content\/uploadsnew\/cyber-nose-copy.png 1200w, https:\/\/chengrob.com\/blog\/wp-content\/uploadsnew\/cyber-nose-copy-300x200.png 300w, https:\/\/chengrob.com\/blog\/wp-content\/uploadsnew\/cyber-nose-copy-768x512.png 768w, https:\/\/chengrob.com\/blog\/wp-content\/uploadsnew\/cyber-nose-copy-1024x683.png 1024w\" sizes=\"(max-width: 1200px) 100vw, 1200px\" \/><\/p>\n<div class=\"number\">1<\/div>\n<div class=\"subhead\">Prevention is futile<\/div>\n<div class=\"copy\">About 10 years ago, long before the ransomware pandemic began, the powers that be decided that cyber prevention was futile, and cyber security should exclusively focus on reaction.  
Development and improvements to legacy preventative solutions were halted in favor of reactive architectures such as next generation antivirus, Enhanced Detect and Respond (EDR), Extended Detect and Respond (XDR), and Endpoint Protection Platform (EPP).   A more prudent and effective strategy is a hybrid between prevention and reaction; however, abandoning prevention maximized revenue for the cybersecurity industry.<\/div>\n<div class=\"number\">2<\/div>\n<div class=\"subhead\">Multifactor authentication is the answer<\/div>\n<div class=\"copy\">Although MFA is prevention, MFA is expensive with recurring maintenance costs.  Not all ransomware enters through an authentication breach.  Lately, the ransomware makers are offering insiders a bounty of $100,000 to release ransomware onto a network.  MFA is good but insufficient in itself to thwart ransomware.<\/div>\n<div class=\"number\">3<\/div>\n<div class=\"subhead\">Backing up data stops ransomware<\/div>\n<div class=\"copy\">When ransomware was in its infancy, good backups enabled quick restoration of operations and no ransomware payments.  Today\u2019s ransomware exfiltrates data, disables backup services, and encrypts the original data set and the backup too.  Airgapping backups is useless, since the ransomware waits until the backup is not airgapped, and encrypts at that time. Restoring from backup is good for disaster recovery except for ransomware.<\/div>\n<div class=\"number\">4<\/div>\n<div class=\"subhead\">Reacting quickly is the key to stopping ransomware<\/div>\n<div class=\"copy\">While it is possible to monitor, detect and respond to malicious human activity, ransomware traverses a network at 100 to 1000 times the speed of humans.  Ransomware infects a network in seconds or perhaps a few minutes.   
People cannot respond fast enough.<\/div>\n<div class=\"number\">5<\/div>\n<div class=\"subhead\">Ransomware is here to stay<\/div>\n<div class=\"copy\">Repeating this lie is job security for the sycophants of the cybersecurity industry.   Ransomware is a business with revenues (ransom payments) and expenses.  Proactively preventing the ransomware from entering the network simultaneously drives down revenue and increases the costs of the ransomware business model.  Ransomware is a metastasizing cancer, but there is still time to suffocate its lifeblood, money.<\/div>\n<div class=\"number\">6<\/div>\n<div class=\"subhead\">The problem is Russia<\/div>\n<div class=\"copy\">Ransomware is the monetization of security holes.  The purveyors of ransomware only need a fast internet connection, obfuscation tools, and a country outside the reach of American law enforcement.  Even if ransomware\u2019s origin were Russia, ransomware could be made almost anywhere whose citizens are looking to make a quick million and get away with it.<\/div>\n<div class=\"number\">7<\/div>\n<div class=\"subhead\">The higher the budget, the better the cybersecurity<\/div>\n<div class=\"copy\">This one is up there with \u201clather, rinse, repeat\u201d and \u201cdrinking alcohol daily improves life expectancy\u201d, although you\u2019ve got to love the moxie.   Cybersecurity giant Accenture was hit with garden-variety ransomware that stole terabytes of proprietary data, and a $40M ransom.  Accenture had an almost unlimited budget for cyber.  The Accenture infection is analogous to the neighborhood fire department, fire trucks, and firemen burning to the ground.<\/div>\n<div class=\"number\">8<\/div>\n<div class=\"subhead\">Layered security is the right approach<\/div>\n<div class=\"copy\">This lie is the cybersecurity industry saying that they have no idea whether this widget works, and neither do you, so you might as well give it a try.  
This Frankenstein approach to cybersecurity makes it impossible to understand what works and what is useless.  Paying for useless security maximizes revenue for the cybersecurity industry.<\/div>\n<div class=\"number\">9<\/div>\n<div class=\"subhead\">There are no silver bullets<\/div>\n<div class=\"copy\">Application whitelisting is the silver bullet.   NIST advises organizations to use modern whitelisting programs, also known as application control programs, to stop cyber threats. The Australian Signals Directorate\u2019s Essential Eight Maturity Model has four levels (0-3) and levels 1, 2, and 3 require application whitelisting.  <\/div>\n<div class=\"number\">10<\/div>\n<div class=\"subhead\">Cybersecurity is complicated<\/div>\n<div class=\"copy\">The cybersecurity industry\u2019s ineffective, reactive, throw-spaghetti-at-the-wall, prevention-be-damned architecture is complicated and intellectually out of reach for businesses, lawmakers, and laypeople.  There are many prevention paradigms in our society and none are complicated: health care, fire prevention, toothpaste, home security and so on.  Making cybersecurity unduly obtuse and complicated is part of the industry\u2019s sales playbook, but it doesn\u2019t have to be this way.<\/div>\n<div class=\"number\">?<\/div>\n<div class=\"subhead\">What you can do<\/div>\n<div class=\"copy\">Stop repeating the lies. Use common sense.  Keep an eye on Australia.  When buying cyber products, ask your well-dressed, attractive, articulate salesperson whether any of their customers have been infected with ransomware lately.<\/div>\n","protected":false},"excerpt":{"rendered":"<p>1 Prevention is futile About 10 years ago, long before the ransomware pandemic began, the powers that be decided that cyber prevention was futile, and cyber security should exclusively focus on reaction. 
Development and improvements to legacy preventative solutions were halted in favor of reactive architectures such as next generation antivirus, Enhanced Detect and Respond [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[18,2],"tags":[],"_links":{"self":[{"href":"https:\/\/chengrob.com\/blog\/wp-json\/wp\/v2\/posts\/4406"}],"collection":[{"href":"https:\/\/chengrob.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/chengrob.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/chengrob.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/chengrob.com\/blog\/wp-json\/wp\/v2\/comments?post=4406"}],"version-history":[{"count":61,"href":"https:\/\/chengrob.com\/blog\/wp-json\/wp\/v2\/posts\/4406\/revisions"}],"predecessor-version":[{"id":4469,"href":"https:\/\/chengrob.com\/blog\/wp-json\/wp\/v2\/posts\/4406\/revisions\/4469"}],"wp:attachment":[{"href":"https:\/\/chengrob.com\/blog\/wp-json\/wp\/v2\/media?parent=4406"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/chengrob.com\/blog\/wp-json\/wp\/v2\/categories?post=4406"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/chengrob.com\/blog\/wp-json\/wp\/v2\/tags?post=4406"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}