{"id":6320,"date":"2016-08-04T21:25:40","date_gmt":"2016-08-04T20:25:40","guid":{"rendered":"https:\/\/www.n-able.com\/?p=6320"},"modified":"2021-04-09T21:35:45","modified_gmt":"2021-04-09T20:35:45","slug":"it-possible-never-experience-it-security-breach","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach","title":{"rendered":"Is it possible to never experience an IT security breach?"},"content":{"rendered":"<p>Every so often, a misleading badge will turn up on a website that says it\u2019s safe from hackers. How true is that? Can we guarantee that we\u2019re 100% secure and will never experience a security breach? We asked some industry experts to find out.<\/p>\n<p>Steve Durbin raises his eyebrows at the concept of 100% security. The managing director of the\u00a0<a class=\"ext\" href=\"https:\/\/www.securityforum.org\/\" target=\"_blank\" rel=\"noopener noreferrer\">Information Security Forum<\/a>\u00a0hears about new attacks every day from members, and knows just how tenacious attackers are getting. He believes that 100% security is unrealistic for the simple reason that criminals are getting better at it \u2013 far better than we are.<\/p>\n<p>\u201cThe technical capabilities and reach of cybercriminals are now equal to those of many governments and organizations,\u201d he says. \u201cIn the next few years, these capabilities will extend far beyond those of their victims. As a result, the ability of current control mechanisms to protect organizations is likely to diminish, exposing them to greater impact.\u201d<\/p>\n<h3>The cyber arms race<\/h3>\n<p>Can\u2019t we simply use better tools and techniques than they do? Good luck with that. Cybersecurity isn\u2019t the kind of war where one person completely wins and the other completely loses. Instead, it\u2019s a cat and mouse game. Cybersecurity expert Aditya K Sood, author of\u00a0<a class=\"ext\" href=\"https:\/\/www.goodreads.com\/book\/show\/20722057-targeted-cyber-attacks?ac=1&amp;from_search=true\" target=\"_blank\" rel=\"noopener noreferrer\">Targeted Cyber Attacks<\/a>, describes it as an arms race where organized cybercriminals and \u2018white hat\u2019 security researchers each try to best each other with new tools and techniques.<\/p>\n<p>What does this arms race look like in practice? Criminals create viruses that steal your data, so researchers create tools that identify that malware based on its digital footprint, known as its \u2018signature\u2019.<\/p>\n<p>So the criminal makes the virus polymorphic, meaning that the software effectively rewrites itself to change its digital footprint each time it installs. In response, the researchers start to identify the software by what it does, rather than simply what it looks like.<\/p>\n<p>This exchange never ends, because the criminals will always be back with a new innovation. Virus software first appeared in the mid-eighties. Today, there are hundreds of thousands of new variants appearing\u00a0<a class=\"ext\" href=\"https:\/\/www.av-test.org\/en\/statistics\/malware\/\" target=\"_blank\" rel=\"noopener noreferrer\">each day<\/a>.<\/p>\n<p>Battles like these are being fought all the time, across many different technologies, and they\u2019re endless. Which means that no one will ever win the war. The result: a constantly shifting landscape of wins and losses. Corporate networks are the battlefield, and they are littered with compromised systems and stolen data.<\/p>\n<p>It\u2019s difficult enough to prove that you haven\u2019t been breached yet, let alone guarantee that you\u2019ll be safe in the future. Forensics retrieved from breached sites reveal that intruders were happily dormant inside corporate networks for weeks or even months without being discovered. Compromised organizations took a median average of 146 days to discover intruders in 2015, according to\u00a0<a class=\"ext\" href=\"https:\/\/www2.fireeye.com\/rs\/848-DID-242\/images\/Mtrends2016.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">Mandiant\u2019s M-Trends 2016 report<\/a>. How many intrusions were never discovered, and how many companies are congratulating themselves on not being hacked?<\/p>\n<h3>Reduce your risk<\/h3>\n<p>Cybersecurity isn\u2019t about proving that you\u2019re \u201cunhackable\u201d. Instead, it\u2019s about tipping the odds in your favour through risk reduction, according to Sood. Companies must reduce the likelihood of threats with defensive tactics, while reducing the magnitude of the threat if they do still occur.<\/p>\n<p>\u201cFor risk reduction, there are many \u2018low hanging fruits\u2019 or approaches that organizations can follow,\u201d he says, highlighting the need for a healthy mixture of user awareness and technical controls.<\/p>\n<p>Employees must be trained not to click on suspicious links, he warned. Administrators must update antivirus software, browsers and system software, and should impose strong password and two\u00adfactor authentication. Companies enjoying the benefits of mobility should control mobile devices more effectively with appropriate management software.<\/p>\n<p>Give yourself more of an advantage by thinking like a crook, Sood advised. \u201cCyber attacks can be thwarted by staying ahead in the cyber arms race,\u201d he says. \u201cThis is possible only when the defenders understand the stealthy tactics opted by attackers to conduct cyber attacks.\u201d<\/p>\n<p>We can guarantee security, to within just a hair of 100%. Just turn your computers off, disconnect them from the network, encase them in concrete and then bury them in an underground safe, guarded by lions. Armed with lasers. Then never turn them on again.<\/p>\n<p>Or, in the real world, assume that you\u2019ll always be vulnerable to some degree and respond with a sensible risk reduction regime. At the very least, be sure that you\u2019re harder to break into than the next guy.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Some website and companies may claim to be 100% secure, but is this actually possible? Danny Bradbury investigates<\/p>\n","protected":false},"author":38,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-6320","post","type-post","status-publish","format-standard","hentry","topic-msp-business"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Is it possible to never experience an IT security breach? - N-able<\/title>\n<meta name=\"description\" content=\"Some website and companies may claim to be 100% secure, but is this actually possible? Danny Bradbury investigates\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach\" \/>\n<meta property=\"og:locale\" content=\"it_IT\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Is it possible to never experience an IT security breach? - N-able\" \/>\n<meta property=\"og:description\" content=\"Some website and companies may claim to be 100% secure, but is this actually possible? Danny Bradbury investigates\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2016-08-04T20:25:40+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-04-09T20:35:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Danny Bradbury\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Scritto da\" \/>\n\t<meta name=\"twitter:data1\" content=\"Danny Bradbury\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tempo di lettura stimato\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minuti\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach\"},\"author\":{\"name\":\"Danny Bradbury\",\"@id\":\"https:\/\/www.n-able.com\/it\/#\/schema\/person\/9efc2ff2161069ac07aa5b934493697e\"},\"headline\":\"Is it possible to never experience an IT security breach?\",\"datePublished\":\"2016-08-04T21:25:40+01:00\",\"dateModified\":\"2021-04-09T20:35:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach\"},\"wordCount\":745,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/it\/#organization\"},\"articleSection\":[\"MSP Business\"],\"inLanguage\":\"it-IT\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach\",\"url\":\"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach\",\"name\":\"Is it possible to never experience an IT security breach? - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/it\/#website\"},\"datePublished\":\"2016-08-04T21:25:40+01:00\",\"dateModified\":\"2021-04-09T20:35:45+00:00\",\"description\":\"Some website and companies may claim to be 100% secure, but is this actually possible? Danny Bradbury investigates\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach#breadcrumb\"},\"inLanguage\":\"it-IT\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"MSP Business\",\"item\":\"https:\/\/www.n-able.com\/it\/blog\/category\/msp-business\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Is it possible to never experience an IT security breach?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/it\/#website\",\"url\":\"https:\/\/www.n-able.com\/it\/\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/it\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/it\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"it-IT\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/it\/#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/it\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/www.n-able.com\/it\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/it\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/it\/#\/schema\/person\/9efc2ff2161069ac07aa5b934493697e\",\"name\":\"Danny Bradbury\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/168f07b730bda395ce228e3be2c570c3f193fbb79593b82700889a17b40471be?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/168f07b730bda395ce228e3be2c570c3f193fbb79593b82700889a17b40471be?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/168f07b730bda395ce228e3be2c570c3f193fbb79593b82700889a17b40471be?s=96&d=mm&r=g\",\"caption\":\"Danny Bradbury\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Is it possible to never experience an IT security breach? - N-able","description":"Some website and companies may claim to be 100% secure, but is this actually possible? Danny Bradbury investigates","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach","og_locale":"it_IT","og_type":"article","og_title":"Is it possible to never experience an IT security breach? - N-able","og_description":"Some website and companies may claim to be 100% secure, but is this actually possible? Danny Bradbury investigates","og_url":"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2016-08-04T20:25:40+00:00","article_modified_time":"2021-04-09T20:35:45+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg","type":"image\/jpeg"}],"author":"Danny Bradbury","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Scritto da":"Danny Bradbury","Tempo di lettura stimato":"4 minuti"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach"},"author":{"name":"Danny Bradbury","@id":"https:\/\/www.n-able.com\/it\/#\/schema\/person\/9efc2ff2161069ac07aa5b934493697e"},"headline":"Is it possible to never experience an IT security breach?","datePublished":"2016-08-04T21:25:40+01:00","dateModified":"2021-04-09T20:35:45+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach"},"wordCount":745,"publisher":{"@id":"https:\/\/www.n-able.com\/it\/#organization"},"articleSection":["MSP Business"],"inLanguage":"it-IT"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach","url":"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach","name":"Is it possible to never experience an IT security breach? - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/it\/#website"},"datePublished":"2016-08-04T21:25:40+01:00","dateModified":"2021-04-09T20:35:45+00:00","description":"Some website and companies may claim to be 100% secure, but is this actually possible? Danny Bradbury investigates","breadcrumb":{"@id":"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach#breadcrumb"},"inLanguage":"it-IT","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/it\/blog\/it-possible-never-experience-it-security-breach#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"MSP Business","item":"https:\/\/www.n-able.com\/it\/blog\/category\/msp-business"},{"@type":"ListItem","position":2,"name":"Is it possible to never experience an IT security breach?"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/it\/#website","url":"https:\/\/www.n-able.com\/it\/","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/it\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/it\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"it-IT"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/it\/#organization","name":"N-able","url":"https:\/\/www.n-able.com\/it\/","logo":{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/www.n-able.com\/it\/#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/it\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/it\/#\/schema\/person\/9efc2ff2161069ac07aa5b934493697e","name":"Danny Bradbury","image":{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/secure.gravatar.com\/avatar\/168f07b730bda395ce228e3be2c570c3f193fbb79593b82700889a17b40471be?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/168f07b730bda395ce228e3be2c570c3f193fbb79593b82700889a17b40471be?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/168f07b730bda395ce228e3be2c570c3f193fbb79593b82700889a17b40471be?s=96&d=mm&r=g","caption":"Danny Bradbury"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/posts\/6320","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/users\/38"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/comments?post=6320"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/posts\/6320\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/it\/wp-json\/wp\/v2\/media?parent=6320"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}