If you’re old enough to remember professional basketball in the 1990s, you surely recall the dominance of Michael Jordan. It got to the point that opposing teams implemented a wishful thinking type of strategy: In order to beat the Bulls, they had to contain Jordan, since stopping him was impossible.
Although passes were the only thing that Jordan ever stole, the same strategy applies to how companies have to approach hackers looking to steal credit card information and other sensitive data.
In the not-too-distant past, a company’s security team would discover a flaw from an external or internal audit, a network outage, or unusual activity. But because months or even years could pass before that discovery was made, hackers had plenty of time to cause havoc before they or the security holes were detected.
But these days there’s a paradox: Although we have the technology to find open back doors a lot faster, we also have to deal with a constantly growing amount of data and network activity, plus new services and their associated support systems. The economic reality – deploy now, start selling now, make the shareholders happy now – means that it’s almost impossible to completely test everything from a security perspective.
For retail, banking, healthcare and other major industries, the danger doesn’t really come from any potential holes in the servers that contain financial or operational data. Rather, hackers are more prone to go after pure information and data systems. That’s because breaking into the former presents a higher chance of getting caught, whereas the latter can lead to the hacker goldmine: bank account and credit card information.
What’s more, hackers often do their work not just for financial gain, but also to make political or social statements. That’s why hackers can be hard to stop – you can’t predict when or how they’ll strike, even if you regularly update your networks with the most sophisticated security technology, privacy protocols and cutting-edge firewall systems.
As long as there is an Internet, as long as companies store valuable information in databases and servers, there will be cyber thieves. As security measures adapt to hacker behavior, the hackers will go back to the drawing board and come up with something new.
In this environment, you can only be proactive to a degree. So put the security focus on recognizing where danger may lurk, which will minimize whatever harm (financial, company reputation, etc.) may come from an attack. In short, focus on containment. Believing that you can stop hackers entirely is like the New York Knicks believing they could shut down MJ. Sorry, it’s going to happen.