Chains Forged in Life

“You are chained,” said Scrooge, trembling. “Tell me why the chains bind you.”

“I wear the chains I forged in life,” replied Marley. “I made it link by link, yard by yard. I fastened it on of my own free will. Is this strange to you?”

In Dickens’ classic A Christmas Carol, the parsimonious curmudgeon Ebenezer Scrooge encounters the ghost of his deceased partner and like-hearted skinflint, who warns him of the burdensome cost of wearing chains “forged in life.” The links that comprised Marley’s chains were the choices he made to value self and money over others and, in death, those decisions haunted him with the regret of what could have been if he’d traveled down a different road through life.

Likewise, today’s enterprises are forging fetters that may one day haunt them with the burden of what could have been—what should have been—when choices made of ignorance or intent become a hacker’s kill chain. But as with Scrooge, it’s not too late to change. If you’re reading this, you can break the kill chain and re-write your story.

To be fair, maybe the links to your chain were forged by a predecessor; perhaps those links were forged of necessity based on best available knowledge or technology. Some of those links may be decisions you couldn’t make because of budget constraints or information that was not available at the time. Whatever the cause, your enterprise’s network, and the systems put in place to protect it, are most likely a mishmash of technologies with links both strong and weak.

And you know what they say about chains and weak links.

At some point someone is going to try and find those weak links and exploit them for nefarious purposes. Think you’re immune? I recently read a story about a small linen services company in Massachusetts that was hacked by its larger, New Hampshire-based competitor in an attempt to pilfer a list of customers that it could target for poaching.

This was not a bank, hospital, retail chain or multi-national conglomerate, but a small company cleaning napkins and tablecloths for local restaurants. And the bad guys weren’t sophisticated cybercriminals operating from an Eastern European enclave, nor state-sponsored actors behind the walls of a nondescript Asian warehouse—they were linen cleaners themselves.

It doesn’t matter who you are or what business you’re in, the bad guys are going to swiftly move up the kill chain until they get what they want.

So what’s an enterprise to do? First, realize that you can break those chains by breaking just one step. Even if the bad guys managed to convince one of your users to click on a cute cat video, all is not lost. You can stop them in the data exfiltration phase by checking for external communication to known bad IP addresses or detecting sensitive information leaving your network with a data loss prevention solution. Deconstructing the kill chain allows you to create a prioritization strategy that is unique to your business, and develop countermeasures for every phase.

Next, make sure you’re thinking beyond prevention, and have invested in a second layer of defenses involving rapid discovery and containment. Prevention is utopia, but security solutions are not hack-proof. The response time between breach and detection is still lagging, and the most important thing when a breach is found is to contain it.

Finally, go on the offensive. That doesn’t mean hacking back at the bad guys, but hacking forward: finding the vulnerabilities in your systems before they do, identifying the weak links and disrupting the kill chain that’s been forged in your life.

I’m not talking about a one-time or occasional white hat hacker exercise, but a continuous process that, like the bad guys, uses the latest intelligence, technologies and techniques to probe for cracks in the iron of your defense’s links. Eternal vigilance is the price of security, after all. And like Ebenezer Scrooge on that fateful Christmas Eve, you may vow to make the changes necessary to undo the burden of a kill chain forged in life and declare, as Scrooge did the next morning:

“I will put everything right! I will change the future!”

Written By

Danelle is CMO at Ordr. She has more than 20 years of experience in bringing new cybersecurity technologies to market. Prior to Ordr, she was CMO at Blue Hexagon (acquired by Qualys), a company using deep learning to detect malware, and CMO at SafeBreach, where she helped build the marketing organization and define the Breach and Attack Simulation category. Previously, she led strategy and marketing at Adallom, a cloud security company acquired by Microsoft. She was also Director, Security Solutions at Palo Alto Networks, driving growth in critical IT initiatives like Zero Trust, virtualization and mobility. Danelle was co-founder of a high-speed networking chipset startup, co-author of a Cisco IP communications book and holds 2 US patents. She holds an MSEE from UC Berkeley.
