CEOs are responsible for leading all of their companies ‘ strategic planning and operations. It’s a huge responsibility. So, they can be forgiven for mistakenly believing that they are doing the right things in the right places against the right threats, and the bright and capable people they put in charge of their IT security, when in fact they are wasting large amounts of their IT security budget on things that don’t really work. Why? They were taught to believe a set of IT security myths bordering on an inaccessible dogma that is simply not true. It’s hard to do the right things efficiently when you believe the wrong things. Here are common myths about computer security that CEOs believe.
Attackers can’t be stopped
Most computer defences are so weak and misguided that hackers and malware can break into them at will, and that’s only if the malicious intruders haven’t pwned the whole environment and have been in for years. Computer defences are so bad and porous that it was told to CEOs that hackers and malware cannot be stopped. The best they can do is “assume breach” and work on early detection and slow down attackers once they find themselves in the environment.While it is probably true that a dedicated, nation-state-funded, hacker group cannot be easily stopped, most hackers and malware can be stopped from breaking in (the initial root cause exploit) by doing better a handful of things the company is probably already doing, just not in the right quantities in the right places. A better-focused strategy for IT security and a few key defences could significantly reduce the risk of hackers or malware getting into your environment.
Hackers are brilliant
Part of the reason for the nihilistic belief that hackers and malware can never be fixed is that the world believes hackers are all brilliant, unstoppable, super geniuses. This mistaken idea is believed because most people are not programmers or IT security people who get hacked or infected with malware. The reality is that most hackers are average people with average intelligence, they just know how to do a particular trade using specific tools passed down by the previous tradespeople.
Keep watching this space for more.