2014 was a busy year for hackers, with several high profile data breaches making the news and inspiring discussion. In a piece for Forbes, Lior Div makes a compelling case for a shift in mindset to a "post-breach mindset" as companies and organizations rally to put what we learned in 2014 to use.
"2015 must be a year of change" says Div, "organizations must assume that their networks have been or will be breached and focus on identifying attackers that are already in their environment." By changing the way we think about security from "I hope this doesn't happen to me" to "Here's my strategy to protect myself", we will collectively shift our thinking when it comes to security - employing more well rounded strategies, technologies for different stages of prevention and response, and intelligent solutions that will keep pace with the hackers. Div says in closing: "Security teams must adopt a post-breach mentality and develop their capabilities accordingly. Improving network and endpoint visibility will enable organizations to better identify irregularities and malicious activity. Hackers might have reigned supreme in 2014, but this year, we can apply our hard earned lessons. Security budgets are sure to go up, and automated solutions that can help organizations better detect and respond to malicious intruders are rapidly maturing. We might not be able to keep determined cyber criminals from getting in, but we can get much, much better at finding and containing them once they are. Hopefully, 2015 will be the year the good guys level the playing field and defend against sophisticated attacks with equally sophisticated detection and response."