Cybersecurity, just like a game of chess, is a strategic battle against a formidable opponent. However, unlike chess, which has remained the same for over six centuries, cybersecurity changes constantly. Techniques once used to stop cyber-attacks, such as implementing strong anti-virus software, now provide very little protection against modern attacks. In fact, cyber-attacks have evolved to be so sophisticated that technology alone cannot stop them.
The way businesses operate today is vastly different from how they operated 10 years ago. With the widespread adoption of cloud technologies and remote work, business information now resides across numerous technologies with multiple service providers. Therefore, simply installing anti-virus software on a computer cannot effectively protect the business from all the possible attack vectors. An effective cybersecurity defense strategy requires each of the systems (computers, servers, networks, firewalls, internet, email, cloud servers, etc.) to be independently protected with overlapping solutions.
The Promise of “Turnkey” Cybersecurity
As complex as cybersecurity has become, many businesses seek out turnkey solutions that allow them to outsource the responsibility to someone else. Jumping at the opportunity is a long line of cybersecurity solution providers with a streamlined product that allows businesses to forget cybersecurity while the provider takes care of it all.
Many new providers focus on a technology referred to as Extended Detection and Response (“XDR”). XDR technology allows solution providers to monitor activity across multiple different systems (local networks, cloud servers, email systems, etc.), analyze that information, and quickly identify when a cyber-attack has been successful and breached the customer’s systems. Sounds great, right?
These technologies are very appealing to businesses because they appear to solve the problem of securing all these new, diversified technologies while also offering one simple product to subscribe to. Therein lies the problem, however. XDR is not a complete cybersecurity defense strategy and is arguably one that is more appropriate for businesses that have already implemented prerequisite security solutions.
Reactive vs. Proactive
Consider for a moment a business that uses Microsoft 365 to host all its email and business files. Because it is a cloud-based system, threat actors can easily target the business’s staff and try to breach their accounts. Fortunately, the business has an XDR solution in place, and it is notified when one of the staff has had their accounts compromised. The XDR solution shows where the attack came from and what information the attackers breached. Pretty cool!
In this scenario, the business took a backward and reactive approach to cybersecurity. Instead of jumping straight to an XDR solution, the business should have first focused on building defenses to try to stop cyber-attacks in the first place. For example, the business could have implemented Conditional Access in Microsoft 365 to prevent any systems outside the United States from logging in to Microsoft 365. The business could have also enforced multi-factor authentication (“MFA”) and stronger password requirements on its user accounts. In this scenario, implementing these two defenses alone would have proactively stopped the attack in its tracks without the need for the XDR to be engaged.
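The two proactive controls described above (a country-based Conditional Access block and enforced MFA), sketched with the Microsoft Graph PowerShell SDK. This is an added example, not part of the original article; the display names and the break-glass account ID are placeholders, and both policies are created in report-only mode.

```powershell
# Added example. Requires the Microsoft Graph PowerShell SDK and an admin
# allowed to manage Conditional Access. Display names and the break-glass
# object ID below are placeholders, not values from the article.
Import-Module Microsoft.Graph.Identity.SignIns
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess', 'Policy.Read.All'

# Emergency-access account excluded from both policies so a mistake in the
# location rule cannot lock every administrator out.
$breakGlassId = '<break-glass-account-object-id>'

# 1. Named location that contains only the United States.
$usOnly = New-MgIdentityConditionalAccessNamedLocation -BodyParameter @{
    '@odata.type'                     = '#microsoft.graph.countryNamedLocation'
    displayName                       = 'Allowed country: US'
    countriesAndRegions               = @('US')
    includeUnknownCountriesAndRegions = $false
}

# Conditions shared by both policies: every user, every cloud app.
$users = @{ includeUsers = @('All'); excludeUsers = @($breakGlassId) }
$apps  = @{ includeApplications = @('All') }

# 2. Block any sign-in whose location is not the US named location.
New-MgIdentityConditionalAccessPolicy -BodyParameter @{
    displayName   = 'Block sign-ins from outside the US'
    state         = 'enabledForReportingButNotEnforced'   # report-only first
    conditions    = @{
        users        = $users
        applications = $apps
        locations    = @{
            includeLocations = @('All')
            excludeLocations = @($usOnly.Id)
        }
    }
    grantControls = @{ operator = 'OR'; builtInControls = @('block') }
}

# 3. Require MFA for the sign-ins that remain.
New-MgIdentityConditionalAccessPolicy -BodyParameter @{
    displayName   = 'Require MFA for all users'
    state         = 'enabledForReportingButNotEnforced'
    conditions    = @{ users = $users; applications = $apps }
    grantControls = @{ operator = 'OR'; builtInControls = @('mfa') }
}
```

After reviewing the report-only results in the sign-in logs and confirming that legitimate users are not affected, change `state` to `enabled` to enforce each policy.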
The Human Responsibility
One final mistake businesses make is assuming cybersecurity can simply be outsourced. While it is true that much of it can be outsourced, considerable responsibility still falls on the shoulders of the business’s leaders and employees. Users must be trained on their individual responsibilities, instructed on what to do if they notice suspicious activity, coached on how to use MFA both inside and outside of work, shown how to safely handle company information, and reminded that they play an equal part in defending the business against cyber-attacks.
As complex and ever-changing as technology and cybersecurity are today, a turnkey cybersecurity product cannot protect a business as well as leaders hope it will. Instead, businesses must first focus on implementing proactive cybersecurity defenses and embracing the human responsibility. Once the business has sufficiently bolstered its cybersecurity posture, then it may evaluate additional technologies, such as XDR, to continue strengthening its defenses.