Iconic filmmaker John Carpenter once said this about horror flicks: “There are two different stories in horror: internal and external. In external horror films, the evil comes from the outside, the other tribe, this thing in the darkness that we don’t understand. Internal is the human heart.”
Similarly, there are two main cybersecurity horror stories – external attacks and insider threats. Like cliched horror movies where teenagers are stalked by maniacal killers, or families are haunted by unwelcome ghosts and specters, most organisations are under continuous attack from fearsome cyber threats in one form or another.
Companies need to beware of both external cyberattacks and insider threats. Like a classic horror film, both threats come with their own elements of mystery, suspense and fear. Fortunately, it is possible to defend each type of attack vector using a similar cybersecurity strategy for each. More on that later. First, let’s set the scene of the current security landscape.
Ghosts Float Through the Walls
In the past, IT focused on hardening the network perimeter against outsiders. The idea was that if you stop the villains from getting in, then nothing bad happens. It was the classic fortress-based approach to keeping the zombie hordes at bay. But there was a fatal flaw. Many organisations fixated on perimeter security gave implicit trust to anyone already on the inside. Needless to say, this approach triggered a number of horrific data breaches and paved way for the zero trust movement.
Of course, companies should continue protecting the perimeter and defending against known threats, as they’ve always done. Known cyber threats represent an omen of doom l ..
Support the originator by clicking the read the rest link below.
