A New Era in Cybersecurity – Assume Breach Mentality

Feb 2, 2021 | Security

As we kickoff a new year of 2021 and begin marching towards this year’s goals and objectives for success, I wanted to share thoughts and feedback around the ever-growing elephant in the room called cybersecurity. It has been a challenge for small businesses for many years, and unfortunately the silver bullet to solve all the risks and vulnerabilities has yet to be found.

Many organizations have continually improved their cybersecurity defenses over the past few years as a constant stream of breaches and hacks have monopolized the headlines around the world. So, what is next in 2021 in relation to cybersecurity? In short, more of the same. The cat and mouse game will continue, blue teams (defense) and red teams (offense) will get better. The cats will catch some of the mice, the mice will outsmart some of the cats, and around we will go.

There are two concepts that I want to share which I believe will significantly alter the strategy for your organization and the effectiveness of its cybersecurity. They are “assume breach” of “the crown jewels”. Let us dive into each of these a little bit more.

Assume Breach

If we start with “assume breach”, we are shifting our strategy for building our cybersecurity program with the mindset that we have been, or will be, breached by a threat actor. In most cybersecurity breaches that are publicized, we often find out that threat actors have been soaking in the environment for months. This persistent access allows them to move through the organization and its digital assets locating, identifying, and evaluating what is critical to the organization, allowing them to establish the best plan for extracting value.

  • Some threat actors will attempt to stay in the system undetected, siphoning off personally identifiable information that is then sold on the dark web.
  • Others will extract trade secrets or other intelligence that could be sold to competitors.
  • Or some just monitor transactions such as email and accounting looking for the big payday when they can launch their attack.

In these cases, the threat actor has already gotten through the cybersecurity defenses or controls intended to protect the system. So, what would it look like if we started planning with that mindset? Would we do things differently? Would we implement more controls that are closer to the “crown jewels?”?

The Crown Jewels

Often the most basic of items are overlooked or not scrutinized because of the technical controls (the flashy items) that are installed. We believe that the firewall and antivirus will be enough. That simply is not the case, and taking this assumed breach approach means we might take more time evaluating controls such as:

  • Multifactor authentication on any public facing access point that leads to data.
  • Stronger access controls such as data classification and labeling.
  • Deeper adoption of data encryption and data loss prevention.
  • Continuous monitoring of systems using a Security Operations Center (SOC)
  • Deployment of more advanced tools like endpoint Managed Detection and Response (MDR)

All in all, the goal is to protect the “crown jewels” of the organization, whether that is data, knowledge, product, etc. But what if you do not know what the crown jewels for the organization are? If that is the case, ask yourself this one question….

  • If the entire system is down when you arrive to work tomorrow, what are you going to ask your team to focus on first?

This simple question should lead you to what is most important for the organization to be operational and to be providing the goods or services that your clients or community rely on. With this information in mind, you can then explore the assumed breach mentality to arrive at a fair evaluation of your existing cybersecurity defenses. If you have anxiety during this process, do not worry, that is to be expected. The goal is that by the end, once you have identified the crown jewels and worked through the assumed breach exercise, you will have more confidence in your existing controls or a better action plan to develop the necessary cybersecurity defenses to protect your organization.

At Axxys Technologies, Inc. we have invested considerable resources in building our team to help support your needs in information technology (IT) and cybersecurity. We are here to assist you in exploring concepts like these to ensure your organization has the peace of mind it needs to move forward in these times of seemingly endless cyberattacks. Contact our team today to review your needs related to IT and cybersecurity.

Recent Posts

Cloud Use Cases for Small and Growing Businesses

Cloud Use Cases for Small and Growing Businesses

As you may have heard, the cloud is a network of remote servers hosted on the Internet. But for businesses the world over, the cloud represents the next step in technological evolution. The cloud unlocks speed, flexibility, scale, and cost savings that businesses of...

2023 Cybersecurity Trends for Small Business

2023 Cybersecurity Trends for Small Business

The threat of cybercrime continues to grow each year, and small businesses are particularly vulnerable. The latest cybersecurity trends indicate that organizations of all sizes must remain vigilant in order to protect their valuable data.  In this article, we'll cover...

Security in a Co-Managed IT Environment

Security in a Co-Managed IT Environment

Security in a co-managed IT environment looks a little different than in a traditional environment. Don’t be alarmed. When leveraging a partner to co-manage your environment, you’ll actually have better, more robust security in most cases than if you were to manage...

Five Signs you Need Better IT Support

Five Signs you Need Better IT Support

IT systems can make or break any business. They provide an avenue for communication and collaboration, help with organizational efficiency, and drive improved customer service. Without proper IT support, businesses are often left in despair and experience hindering...

Co-Managed IT Services for Financial Services

Co-Managed IT Services for Financial Services

Financial services companies are faced with the challenge of keeping up with technology because they cannot sacrifice data security or compliance. As a result, more organizations are turning to co-managed IT services as an option that provides a balance between cost...

Co-Managed IT Services for Oil and Gas

Co-Managed IT Services for Oil and Gas

The Oil and Gas industry is an ever-evolving sector that operates in a highly competitive global market. Companies must stay ahead of the competition to remain profitable, which means keeping up with the latest technologies and trends. One way to do this is with...