Every year people gather in droves in a small town in Pennsylvania to watch a groundhog predict how much longer winter will last.
It’s a pretty big deal to see this glorified gerbil pop up and look terrified as throngs of onlookers wait in hushed silence to see whether the mighty Punxsutawney Phil will see his shadow.
Historically, the varmint is only 39 percent accurate, but in truth that’s probably better than most human non-groundhog meteorologists.
I watched the spectacle on the news today, like I do every year. And once again, I got to thinking about how it relates to cyber security. Yes, folks, I’m a geek.
Security leadership and CSOs constantly emerge from their burrows — excuse me, offices — and tentatively look around for their shadows. In this scenario, it’s usually a compromise or data breach.
Once they see it, their eyes get big and they scurry back below ground to their safe space where they cross their fingers and hope everything blows over. They can re-emerge once the bad weather is gone.
This plays out time and time again. And year after year, more security leaders see their shadow. Why? Because when it comes to cyber security, folks usually face the same direction. Unfortunately, the position of the sun (the security industry itself) typically doesn’t move much.
CSOs tend to fall into the same traps day in, day out, in an often vicious, unbreakable cycle (sort of like the plot of the movie “Groundhog Day”).
Security becomes a constant game of whack-a-mole (or whack-a-groundhog, in this case): a threat pops up, you try your best to knock it back into its hole, only to have another appear. Then another. And another. It’s nearly impossible to keep up. And that shadow of the last breach or most recent compromise is always there, taunting them.
In the end, it leads to six more weeks (or more) of winter (subpar security).
Attitudes toward security must shift if security leadership and CSOs ever hope to stop staring at that shadow and break the cycle. Here are some best practices cyber security pros can leverage to break out of the Groundhog Day rut and improve security. It’s time to emerge shadow-free:
These simple steps can help CSOs avoid seeing their shadow and getting stuck with six more weeks (or much longer) of bad security.
To learn how A10 Networks can help, check out how our security solutions defend applications and services in real time before they can be exploited by advanced cyber attacks.