You must know the classic SNL Land Shark skit:
Voice behind door: Candygram.
Woman: Candygram, my foot! You get out of here before I call the police! You’re the shark, and you know it!
Voice: Wait. I-I’m only a dolphin, ma’am.
Woman: A dolphin? Well… Okay. [opens door; land shark attacks]
In the February 4, 2014 CIO Journal blog Kleiner’s Ted Schlein on Cyber Risk: ‘It Only Gets Worse’ venture capitalist Ted Schlein, managing partner of Kleiner Perkins Caufield & Byers, makes some great points:
- Cybersecurity is not a battle the good guys can win. The objective is to make yourself a less desirable target than someone else, so the bad guys move on.
- Cybersecurity is shifting to behavioral analysis. Malware signature detection is becoming less useful than Big Data analysis of anomalous behaviors on the network that indicate hacking activity.
- Cybersecurity should focus on the data not the network. “The approach to security must move beyond the concept of perimeter protection.”
I particularly like his candy simile:
“Security can’t look like an M&M, hard on the outside and soft on the inside. The inside is what the bad guys want. Harden the inside,” Mr. Schlein urged.
Yes! Cybersecurity and privacy are about protecting the data, not merely the hardware or the network.
Too bad that the post did not mention the need to protect data in transit. Too often, companies focus merely on protecting data at rest; in storage locally or in the Cloud. But a lot of sensitive data is transmitted via inherently insecure email. Data should be secured as it travels across the internet.
Using regular email is like a sending a Candygram with the box open, enabling candy thieves to grab a handful of your M&Ms. You have to protect your data from cyber land sharks both at rest and in motion. You can do that with channel encryption (SSL/TLS) plus content encryption like Zix Encrypted Email.