On an autumn day in 2008 while I was an active, practicing journalist, I sat in my office and interviewed Todd Davis, CEO of LifeLock for my article on scanning the underbelly of the web. Todd is perhaps best known for appearing in ubiquitous advertising and broadcasting his Social Security Number. At the time, it was becoming clear that online threats to identity theft were growing dramatically, and they were introducing their new service to help their customers avoid appropriation of their identity online.
We’ve come a long way since then. So far, in fact, that the NSA has change their strategy in a way that should send a shiver down the back of everyone responsible for enterprise security: They have switched to assuming that security has been compromised.
Let that settle for a moment. The NSA, the organization most responsible for understanding the cyber-security stance of the United States, its allies, and other countries and organizations worldwide has changed its approach to an assumption of breach.
As I noted in Inside the Mind of an Attacker and Inside the Mind of an Attacker (Pt 2), the motivation and environment of attackers has changed. Now, those with the greatest amount of information are agreeing that the situation has shifted.
With more than 100 foreign intelligence agencies targeting assets plus a likely greater number of criminal organizations, you need to decide how you are going to defend against this new environment. What tools and approach will you use once you recognize that evil actors are in your network? What does defense mean with this mindset?
What’s your answer?