Skip to content

If your security is focused on the wrong things, you might miss a big threat

Are you missing Detection & Response?

Arthur Gaplanyan

Detection and Response

A lot of companies don’t take cybersecurity seriously. Clearly, they are not aware of the vast number of threats and their exponential growth every year. But the businesses that do take their cybersecurity seriously should then be okay, right?

Maybe not.

Let me illustrate. If you want to protect your home from burglars, you will take a serious approach. You probably have a lock on your door and an additional deadbolt. Maybe you have an alarm system. Maybe you have bars on your windows and a locked fence around your yard. You could even have a guard dog ensuring that nobody comes close to your house, at least without you knowing and them getting bitten.

All of that security is great, but what if somebody was already inside? Then none of those things matter.

The same could be said about cybersecurity. A recent study by cybersecurity company Exabeam shows that the vast majority of companies focus on the prevention of breaches rather than the detection of breaches. In fact, two-thirds (66%) of the IT managers surveyed stated that prevention is their main priority while the remaining 33% said detection and response is their focus.

Who has the right approach to cybersecurity?

Well, they both do.

Prevention is key in protecting your valuable information and assets. By implementing strong security measures, you can help ensure that breaches don’t happen in the first place. This can include using strong passwords, multi-factor authentication, regularly updating your software, and being cautious when it comes to clicking on suspicious links. Of course, you should have a strong firewall, email security, and backup systems in place no matter what.

Build a 10-foot wall and I’ll show you a 12-foot ladder.

Despite all your security, if somebody wants to break in, they will. It’s been proven that almost all (93%) of companies can be breached within 2 days if a cybercriminal wanted. So criminals can get in. They might have already done so and you just don’t know it.

Focusing only on prevention might just have you miss threats to your business. The study shows that 80% of businesses experienced more than one data breach last year. Multiple breaches for the majority of businesses – even with good security in place.

Patrolling your network is required.

That is why detection and response is needed. It’s all about finding out if a breach has occurred and fixing it as quickly as possible. It involves constant scanning of your systems, 24 hours a day, 7 days a week. Proactively scan everything. Look for the bad guys everywhere. Your servers, your storage, your workstations, your cloud…anything that touches your network. Everything. Use tools and AI to check user account behavior, typical file usage, and alert and shut down any suspicious activity.

Cybercriminals are constantly working on new threats and ways around security. That is why a proper security approach needs to be well-rounded and include both prevention and detection policies in place.

If you need help reviewing your current security and implementing detection tools, reach out for a free consultation.