Here's the scenario: A state-sponsored attacker uses a zero day to breach the environment. This foothold lets him run previously unknown, fileless attacks originating from an exploited process. Fortunately, his evil plan is foiled by our next-generation, AI-powered security tool that detected and prevented it in nanoseconds!
While silver bullets shine brightly, unfortunately, they work mostly against werewolves, not real-life cybersecurity incidents.
I spent a decade in intelligence with Unit 8200 of the Israel Defense Forces (IDF), considered one of the most elite cybersecurity offensive units in the world. After the military, I spent another decade at Check Point Software Technologies, one of the largest pure-play security vendors.
The most important cyber defense lesson I learned in the IDF and at Check Point is that security basics are always more important than shiny new security toys. Why? Because at the end of the day, it doesn't matter how sexy your “next-gen, real-time enforcement cyber death ray” is — attackers will always take the simplest path to breach your cyber defenses.
I'm not the only one to have this belief. Security basics are often listed as fundamentals in anyone's cybersecurity pyramid, as illustrated by Gartner's cloud security report visual below.
This fundamentals-first strategy is no surprise to experienced practitioners. Having the correct infrastructure configuration, effective posture management, full visibility to the environment, and patching and configuring are all at the base of the pyramid. Meanwhile, advanced threat detection tools are at the top of the pyramid, indicating that they're Important, but remove less risk. Simply put, good IT hygiene dramatically reduces risk more th ..