Thought Leaders: The Concept of “Assume Breach”

By Scott Warner - Connecting Point

As you read headline news these days, you’ll probably stumble upon stories where large organizations fall victim to elegant cyber-attacks architected by nation-states and other dark-web criminals to compromise sensitive targets. It’s easy to move past those events and conclude that those businesses are being targeted because they must have ‘important data.’ While that’s true, the reality is that the bad guys just care about controlling information that is important to you… it’s called leverage. And if they are good enough and smart enough to trap enterprise IT teams and government entities with sophisticated IT systems, large IT teams, and healthy IT budgets, you can guarantee that they are good enough to get into your world and take advantage.

According to a 2020 article in CISO Magazine, over 60% of small businesses experienced a security event in the last 12 months.

It’s for this reason that I’d like to present a term that I think every business owner should adopt into their vernacular: “Assume Breach.” This concept encourages a business to take a posture of expecting that it will experience some form of a breach. It’s a posture of ‘when,’ not ‘if.’ If a business owner begins using that lens to evaluate their business and IT security strategy, it takes the pressure and fear away from the ‘if’ and empowers a team to pull together an action plan that prepares the organization for the ‘when.’ Additionally, every business should have an IT security strategy, a plan for if or when it experiences a security event (also called an Incident Response Plan), and a recovery plan (commonly called a Disaster Recovery Plan).

There is no guarantee that a business will not experience a breach. In fact, as time moves forward, the odds that it will experience a security event in some form increase.

However, we can prepare for these kinds of events and build an IT security strategy that mitigates the risk (or reduces the odds) of an attack. We can also build our strategy on a foundation that seeks to minimize the impact of a breach and allows for efficient and effective recovery.

If you catch yourself thinking ‘what if that happened to me?’ I urge you to use the lens of “Assume Breach” to start being proactive around protecting your business, your people, and your customers.

For those who don’t know where to start or what a good IT security strategy looks like, Connecting Point can help. We can also help develop strong Incident Response Plans and Disaster Recovery Plans.