Wisdom is the key to preventing illness. Knowing what can make you sick and how to avoid such annoyances is what separates the terminally ill from those who manage to remain perfectly viable despite the prevalence of “bad things” that can take you down.
Let’s all look at something we are all familiar with today - The Pandemic of COVID-19, the bad boy in the world of pathogens. We have learned a lot from this one. We all heard warnings over the years about something like this happening, and we were told to be prepared … and then it happened.
It hit some a lot worse than others, it seems. Generally, weakened defenses on the individual level or vast populations caused major issues. It stopped us cold for a long time.
Over time we got better at dealing with it. No, it's not gone and probably never will be. Still, we implemented many testing methods, mitigations, vaccinations, and changes to the way we prioritize our day-to-day activities and interactions. These tactics help us avoid the big take down that hit so many early in the game. We became wiser and continue to do so. We immunize, test, monitor, and do what we must to keep the wheels of life turning.
So let’s consider the digital world. It is the same story when you think about it. We in the security world put up our warnings and tell everyone that we live in a world where bad things happen all the time, and things could get a lot worse. Many security companies tell us about these bad things all the time and offer the solution they claim will fix those things. Frankly, some of these security products are very good at fixing some things. However, it’s hard to know what works when you aren’t properly identifying the problem and monitoring the effectiveness of the solution. Digital pathogens are specific, and knowing the particular vulnerability is the key to prioritizing the practical set of needed solutions. Gaining wisdom about your digital assets, what they are vulnerable to, and what potential risk profile your organization is facing is achieved by aggregating enough pieces of information to paint a clear picture.
Yet it goes beyond simply understanding how vulnerable your organization may be. It is just as important to know how vulnerable your business partners may be or any organizations that have access to or interact with your organization. We can do what we can to prevent digital attacks on our systems, but understanding how vulnerable systems your organization interacts with can upset your business operations, and the supply chain can be far more complex. Wisdom extends your knowledge beyond what you may determine as obvious now to what is perhaps less evident at first glance. Communicating about the external risks has become easier for us in the world of biological pathogens after “The Pandemic” came about since we now feel bold enough to let those outside our comfort zone know that their approach to wellness may pose a risk to you. Yes, we still see some push back, but presenting facts seems to help sway opinions (most of the time anyway).
So let us consider this for a moment. Understanding what level of exposure and how vulnerable your organization is to the known digital pathogens and how often your organization is susceptible to such annoyances is potentially an excellent first step to preventing a digital take down from happening. The great thing about wisdom is that it is more effective at preventing problems than blind fear. Knowing what to do, when to do it, and how to do it is the key.
In the next part of this series, we take a look at understanding the attack surface, and what we can learn from that from the perspective of digital pathogens.