Supply Chain Defense
Living Left of Boom in a Right of Boom World
As corporations become more dependent on, and integrated with, the internet for daily operations, cybersecurity continues to mature as a consistent consideration for every employee, from new, tactical-level hires to experienced executives.
Every day, more and more corporate operations either take place online or require a level of connectivity for business to occur. Despite this, many organizations continue to adopt a reactive cybersecurity posture rather than embracing a proactive stance. These are organizations that live “right of boom.” The boom, in this case, is an event that negatively impacts the business; it often includes a cybersecurity component or uses the internet as a launching pad for a damaging attack.
However, some organizations have realized that the old adage, “A pinch of prevention is better than a pound of cure,” applies to cybersecurity operations and, as such, have taken key steps to increase their security maturity, harden their risk profile, and live a “left of boom” lifestyle.
Planning for the Inevitable Boom
Organizations shouldn’t be faulted for operating “right of boom” in the past. In fact, through most of the convergence of business and connectivity, organizations relied on reactive tools to identify potential issues. Penetration tests, anti-virus, and vulnerability scans are excellent tools for any cybersecurity implementation. However, they all share the same reactive reliance, basing the majority of their efficacy on understanding what types of compromises and attacks have already occurred, or on identifying ones in progress. While these capabilities can move an organization away from a far-right-of-boom posture, on their own they do not bring corporations left of the inevitable boom.
In order to cross the boom threshold, where attacks, exploitations, and corporate downtime occur, organizations need to implement more proactive and strategic controls. These are the controls that are sometimes mislabeled as “nice to have” when, in reality, they are imperative security requirements that mature an organization into a strong, prepared entity. These capabilities allow a company to react quickly to an incident, reduce an incident’s impact and, in many cases, stop attacks before they occur. These controls include risk assessments, properly maintained governance plans, such as an incident response plan, a well-managed Security Operations Center (SOC), and comprehensive network awareness.
Illustrating the Value of Security Controls
While these strategic “left of boom” controls are undoubtedly effective in protecting organizations, they sometimes prove difficult to implement. Specifically, because security operations within an organization are often viewed as cost centers rather than revenue generators, many executive boards, finance divisions, and stakeholders require additional engagement by security champions before they understand why the controls are imperative.
Outside of required legal, insurance, and industry compliance, it is incumbent upon the security leadership to appropriately illustrate the incredible impact that these left of boom controls have. While there are several ways to present the value of additional control implementation, one of the most effective is identifying, and understanding, the value and revenue-generating operations occurring on key parts of corporate infrastructure. Articulating the loss in revenue that downtime of key infrastructure can bring to the organization can help emphasize the importance of applying proactive controls to prevent costly incidents. Oftentimes, effective communication of the loss impact results in stronger executive endorsement of these critical controls.
The business world still lags behind the threat actors regularly launching cyber attacks against it. Implementing reactive controls, while important, is only one part of the solution. Truly mature and prepared organizations understand that there are controls which, when applied, can lead to a “left of boom” operational environment: one where an organization is strong enough to react effectively to attacks, wise enough to prepare appropriately for them, and prescient enough to avoid them before they occur.
Frank Downs serves as Senior Director, Proactive Services at BlueVoyant.