If you were living in the 1950s-60s, you might recall those sun reflectors people used to tan their faces. They enhanced the sun’s burning effect, and using them was a “normal” practice back then. By the 1970s, scientists discovered that this practice was not so smart. In fact, they developed sun blockers to reduce UV radiation exposure. So, the “new normal” became all about reducing exposure instead of increasing it.
As a fair-skinned child prone to sunburn, I remember my mom slathering me with SPF 10 sunblock whenever I spent time outdoors. SPF 10 was the strongest protection available at that time, and it quickly became the norm. Nowadays, SPF 10 is deemed relatively weak, with SPF 30-50 commonly used to avoid harmful exposure. Another new norm. As the evidence of new dangers increased, protection norms evolved accordingly.
Sunburn, malware, it’s all the same
Where am I going with this? Well, let’s look at computer protection. When I got my first PC in the 1980s, like everyone back then, I had no antivirus software. It wasn’t even a thing yet. So that was the norm. As the World Wide Web gained popularity in the 1990s, so did computer viruses. Consequently, the need for antivirus software to safeguard our systems grew rapidly. By 2000, having antivirus software was a no-brainer, especially for businesses. It became the new norm.
Fast forward two decades, and malware and viruses haven’t vanished. On the contrary, they’re spreading faster than ever, and worse, have evolved into more damaging forms. But it’s not just malware that poses a threat. The malicious individuals behind these attacks have become more personally involved, taking a hands-on role in infiltrating computer networks. We’re now witnessing increased human interaction, often involving social engineering, targeted communication and brute-force hacking. No technological defense can fully protect against the efforts of an intelligent and determined sociopath. Yet, I still see countless businesses relying entirely on the same protections they used 20 years ago, like antivirus software and firewalls. That norm has passed, and a new norm has arrived.
What you can do
As hackers apply human intelligence to their offense, we need to apply human intelligence to our defense. Instead of solely relying on technology, the best defense is to have someone waiting for the attackers: someone who understands their tactics, watches their moves, and responds accordingly. This is the premise behind what is now known in the cybersecurity space as Managed eXtended Detect and Respond, or MXDR.
MXDR starts with highly sophisticated software called SIEM (pronounced “sim” by most), which can detect unusual behavior patterns across an entire network and alert a skilled security analyst. The analyst then reviews the alert, along with other information provided by the SIEM, to determine if there is an ongoing hacking attempt. If confirmed, the analyst takes action to remove the attacker from the network and block any further activity. From there, security and IT staff can work together to address any damage caused and restore systems to their previous state. Additionally, further analysis can be conducted to identify how the hacker gained access and strengthen defenses against future attacks.
Managed eXtended Detect and Respond (MXDR) is now the new norm. If acquiring SIEM software and hiring the necessary staff sounds like a daunting expense, well, it is. But for small to mid-sized businesses, there is an alternative. Managed security service providers can now offer this invaluable service at an affordable monthly fee. When you consider the level of protection it provides for your business and your customers, it’s definitely worth exploring further.