Why does it seem that, despite ever-evolving technology and the billions of dollars being spent on cybersecurity, the attackers are winning? Well, in two words: they are.
Despite our best efforts to disrupt cyber attacks, it’s the current paradigm that isn’t working, not just the technology we deploy. Below, I discuss the current “defender’s paradigm” - the predominant thought model that still informs the defensive behavior and security posture of large parts of the cybersecurity community - and examine how we got here and what we can do about it.
The current Defender’s Paradigm
The current defender’s paradigm is pretty simple: it means realizing that the cyberwar is going to be fought on your network and preparing accordingly. The most valuable networks have thousands of endpoints, ever-changing rosters of users, and enclaves of incredibly valuable information distributed worldwide. As such, most organizations, either through concerted planning or trial and error, generally follow a six-step