People love to click on sensational, shocking or sexy headlines. This isn’t a surprise and it’s not new. But it continues to work so criminals continue to exploit victims by luring them to click in order to conduct nefarious actions like stealing money, stealing personal information and installing malware.
The security industry has been telling people not to click on suspect links since there were links. This education and awareness hasn’t gotten us very far. In fact, while it was once an issue relegated to traditional computers, it’s now spread to tablets, phones and other mobile and computing devices. That’s why when WWE star, Diva Paige, had her private photos leaked online, criminals weren’t far behind.
In this latest incident with Diva Paige, criminals have been enticing users to actually install a smartphone app that will grant the users access to Paige’s photos. Of course, the app is nefarious. The criminals have to work fast because, in a very short time, the photos will be available all over the Internet and in most cases for free, thus making the nefarious app less desirable and short-lived.
There have been so many examples of these scams over the years. Criminals follow the news, pop culture and weather and use our interest in these timely topics for exploitation.
The bottom line is that humans are humans and we love to click. No amount of security education or awareness will make a significant difference in reducing the risk. Preventative security controls can help reduce the risk that follows after clicking, just as security controls for incident detection and incident response can help.
But the problem with most security controls is actually the security controls themselves. Many may not even be working as you assumed. There are too many, they are too complex to tune and they often don’t integrate well with your other security tools. Security tool overload is bad for users and it’s bad for business.
Security tool overload
As security leaders, we all have limited time, money and resources. But we also have a seemingly unlimited number of security tools and a full calendar of new trials. Our business is suffering from security tool overload.
We need to re-think security tools and not be slaves to old paradigms that result in security tool overload. It used to be if there was a security hole, we’d buy a tool. If there was a regulatory mandate, we’d buy another tool. Fast forward a few years and we have 50, 60 maybe even 100 different security tools and in most cases we get about $2 of value for every $10 spent on security. Some security tools are hopefully providing great value, some aren’t providing the value we hoped and others are simply hopeless.
Security tool overload is being experienced in virtually every Global 2000 and many government organizations. Not only does it waste time, money and resources, but it increases complexity and that complexity fosters greater risk. It’s ironic that the things we buy to make us more secure can actually make us less secure.
Verodin’s Security Instrumentation Platform helps put an end to security tool overload. “But Brian, isn’t this just another tool adding to my overload?” The simple answer is “no,” because Verodin is a foundational solution for assessing and measuring your security effectiveness at a point in time or trended over time for all the tools you have. Before you buy another tool, make another hire or change a process, you need evidence-driven information to support your decision-making processes. You need a foundational solution that helps you make the right security decisions before, during and after investing in security.
We have too many security tools deployed. Verodin will help you figure out which ones are working and which ones aren’t. Here are five easy tactics to avoid security tool overload with Verodin.
1. Tune: Don’t buy another security buzzword. The Verodin platform can help you determine if what you’ve got can do the job. Maybe your firewall, endpoint anti-malware solution or SIEM doesn’t need to be trashed. Perhaps they just need to be tuned with Verodin to see greater value. Many of today’s most powerful security solutions are highly configurable. Unfortunately, their default configurations aren’t necessarily the right configurations for your organization and they might not be operating the way you assumed. Without proper tuning, your assumption-based security can result in an incident. See what others in our industry think about the security buzzwords in this video.
2. Prioritize: Know where you need to invest. The Verodin platform gives you and your stakeholders, such as the executive team and board, empirical evidence regarding security gaps. Don’t focus on DLP if the higher risk is on your perimeter firewall. Don’t focus on modifying your processes if the bigger issue is team training. Verodin provides prioritization and helps ensure you’re focusing your time and resources where they matter most, as illustrated in the Verodin Heat Map Report below.
This Verodin report shows the juxtaposition of Verodin Actors on the internal server network interacting with Verodin Actors on the Internet. In the case of the yellow, checked cell we see that there was:
- A successful attack (fail) related to an “MS-SQL Database Password Hash Dump”
- An unsuccessful attack (pass) associated with a “Netsh Command Execution to Disable the Windows Firewall.”
In other words, you’ll want to focus on the MS-SQL attack and find out why it wasn’t blocked and what can be done to prevent and detect it in the future with current or new security tools.
3. Purchase: Evaluate new security products evenly during a trial. The Verodin platform helps you fairly, quickly, easily and holistically separate security superstars from security snake oil. Verodin lets you quickly determine which products do what you need. Give those products a thorough evaluation on an even playing field and see which ones are best for your environment.
4. Integrate: Evaluate security product integrations. It’s not enough today to have a security product that works in a silo. Security products need to integrate with other solutions to demonstrate real security effectiveness. The Verodin platform helps ensure that your defensive stack is optimized and personalized so that, for example, your SIEMs won’t suck and your threat intelligence integrations won’t be inadequate.
5. Monitor: Continuously measure and monitor your security effectiveness. The Verodin platform can automatically and continuously measure the effectiveness of your security tools, people, and processes, thus mitigating defensive regression, otherwise known as “stuff that was working has stopped working.”
A lot of security solutions focus only on technology, but Verodin is a complete platform that provides foundational value for people and processes too. Verodin helps by facilitating cybersecurity “practice,” not unlike football practice, to keep your team and the processes they follow working efficiently and effectively. See what we mean about the importance of security practice in this video.
With Verodin you can reduce security tool overload. You can make what you’ve got work better. You can get rid of what’s no longer needed. You can make more informed purchases based on true product capabilities, level of integration and business priority. And once your security effectiveness is in a positive state, you can monitor that state to ensure it remains effective through continuous and automated monitoring and metrics.
You’ll save time and money, and what you’ll end up with is, very simply, the best security tools for your organization. Verodin is a foundational security instrumentation platform that’s breaking old security paradigms and allowing organizations to run security like other strategic business units with empirical data, holistic analysis, and rapid results.
Verodin is defining the emerging concept of Instrumented Security™. Its revolutionary platform empowers enterprises to remove assumptions and prove their security effectiveness with empiric data. Verodin customers dramatically increase the ROI of their existing security investments, achieve maximum value from future spending and measurably mature their cyber prevention, detection and response effectiveness.