“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”
Sun Tzu, The Art of War
Coming off the heels of another RSAC week, seasoned vendors and ambitious new ones took to the halls to show their latest and greatest security solutions, and yet never has this quote meant more. I want to first say, I am a GEEK and I love technology as much as the next person, but when asked to explain why then if so much security technology is available on the market do we appear to still be losing the war? It takes every ounce of self-control that I have not to shout, ”IT’S NOT PRODUCT WE LACK!”
Truth is, security requires a combination of knowing yourself, your potential adversaries and having the right controls in place to protect and defend. However, if businesses remain reactive, waiting on legislation that forces them into action, we will most certainly lose many battles, if not the entire war.
Understanding the adversary requires a proactive approach. Businesses need to establish a threat hunting practice to test their environment on an ongoing and continual basis. By its very nature, threat hunting requires human action to proactively discover new threats in your network before an actual incident can take place.
By the sheer size of RSAC, and its annual rate of growth, I am certain we will continue to see new solutions enter the marketplace, of this I have no doubt. But I leave you with this thought, If prevention is your ideal, threat hunting is a must.