Why Many Organizations Favor Prevention-Based Cybersecurity

In a recent survey polling financial services, healthcare, manufacturing, and retail organizations, SilverSky learned that more than 70 percent designate the prevention of cybersecurity attacks as their highest priority when making resource allocation decisions.

This makes sense because many of us are deeply oriented to believe that an ounce of prevention is worth a pound of cure. However, to effectively defend the digital estate and its assets, we must construct a more sophisticated technology posture. Additionally, prevention-based security is straightforward. With a prevention-based approach, an organization can focus its attention and budget on improving its existing defenses. This strategy does not require the knowledge and expertise necessary for detection and remediation.  

Finally, preventing a cyberattack is always better than responding to it. If an organization can prevent all attacks against its systems from succeeding, it never has to investigate and remediate a cybersecurity incident or data breach. However, are many organizations overly reliant on cybersecurity prevention?

The Shortcomings of Prevention-Heavy Cybersecurity

Prevention technologies such as UTM appliances, firewalls, web filtering services, and antivirus software are critically important and are continually becoming more advanced. Of course, preventative technologies need to be coupled with good digital estate hygiene like patches and software license updates. 

However, prevention technologies fail to extend robust protection to all endpoints and often fail to detect breaches that have penetrated and are moving laterally through your networks. 

Downsides of reliance on vulnerability patching

Prevention-based cybersecurity strategies rely heavily on vulnerability patching. An organization must patch a vulnerability shortly after the patch is released to protect its network; however, in reality, patch-based security is challenging to scale. More than 22,000 new vulnerabilities were discovered in 2019—33 percent were rated high severity based on their CVSS score, and many of these vulnerabilities had no associated patches.1

The average time between vulnerability disclosure and patch availability is approximately nine days.1 Most vulnerabilities are exploited as zero-days, that is, during the period before a patch is available for a given vulnerability. However, because it is difficult for organizations to remain current with all needed patching activities, attackers often exploit vulnerabilities weeks, months, and years after patches are released.

Prevention-based strategies can’t keep pace with cybercriminal sophistication

Again, prevention technologies have made significant leaps in recent years, in large part because of advancing artificial intelligence and data analytics tools. However, while prevention will reduce the number of successful attacks, cybercriminal approaches are continually growing in variety and sophistication. Here is a sampling of the types of advanced attacks companies face:

Advanced persistent threats (APT)—APTs tend to be particularly sophisticated threats and typically have the funding of a nation-state or state-sponsored group. They work to gain access to a computer network and usually remain undetected for an extended period until they find what they are looking for or can time their attack for maximum impact.

Smash and grab—Smash-and-grab approaches have made a comeback. Despite a low dwell time, the potential for exposure and damage is still high. Additionally, these attacks often aim to embed a backdoor so the attacker can return later.

Insider jobs—Insider jobs are pervasive threats that will not be detected by prevention technologies. These incidents involve solicitation of corporate IT professionals on the dark web. Recruited insiders receive hefty fees to execute or aid in the execution of the attacks.

Social engineering—Although some social engineering attacks are still spam-like in execution, many are increasingly well researched to better target victims and increase the likelihood of desired actions. Many of these attacks are extremely difficult to prevent; employee education, training, and a cybersecurity culture in which all employees participate are the best defenses.

Cybersecurity demands rapid detection and response

Every company must continuously review its prevention tools and determine which technologies will offer the most effective prevention for the investment. However, a determined attacker will eventually succeed, and virtually every company will get hacked. For many years, SilverSky has been helping organizations protect themselves by recognizing the critical importance of prevention, but also implementing detection, remediation, and response to act quickly and minimize damage when attackers do succeed. Let us know if we can help.

Security Engineer Administrator
SilverSky offers a comprehensive suite of products and services that deliver unprecedented simplicity and expertise for compliance and cybersecurity programs.
