Cybersecurity and Einstein's Definition of Insanity

By
Charlie Atkinson
April 15, 2024
-
Min Read

"Insanity is doing the same thing over and over and expecting different results." Whether it was Einstein or someone else that said that is irrelevant. What is relevant is that organizations continue to suffer from data breaches with increasing frequency and impact. Yet, people and organizations keep doing the same thing over and over, trying to prevent them.

I keep reading and hearing of the strategies (tactics at best, in my opinion) and best practices intended to reduce the risk of a data breach, whether from ransomware, nation-state attack, or even malicious insiders. Things like zero trust, multi-factor authentication, patch Tuesday, anti-virus and firewall solutions, segmenting your network, using strong and unique passwords, using identity and access management solutions, employing intrusion prevention and detection solutions, and the list goes on.  While many technologies are warranted toward reducing the risk of an attack, sensitive data is still exfiltrated. Leaving me to state that even best-of-breed technologies cannot protect the data itself.

Yes, we must protect the network, endpoints, cloud, and everything in between. That is table stakes. Consider this, whether it was Willie Sutton or John Dillinger, famous bank robbers of the 1930s, the maxim on why rob banks were because "that's where the money is." Cash held anywhere is an attractant to crime, and it is analogous to data. Replace cash with a substitute, like a wire or e-transfer, and there is nothing of value for the robbers to steal. So why are we not protecting data in the same way?

What if you could replace your data with a substitute value, a token, encrypt it, or redact it? Today's adversaries, ransomware groups, and malicious insiders would have nothing if they gained access to your organization's data. If you could provide this protection to virtually any data type without changing user behavior or business processes. You can stop the insanity by removing the data and protecting your organization so that when someone gains access to your environment, there is nothing to steal.

It is time to put sensitive data at the forefront of cyber strategies and not look to other technologies whose main mission does not include the data.

Written by Charlie Atkinson.

Related articles

View all
We are a Data Security Platform (DSP) that allows organizations to discover, classify, and protect their most sensitive data and documents.
Company
HomeISP Services
Project RescueAbout UsContact
Site Map
HomeData Security PlatformSupportQSA Partner ProgramAbout UsContactBlog
Solutions
Data Discovery and Classification
Dynamic Data Masking
Data TokenizationTest Data Management
PCI Audit Scope Reduction
PCI Tamper Detection and Protection
Contact
info@datastealth.io+1 (855) 553-2839DataStealth Inc.
5995 Avebury Rd
Suite 600
Mississauga ON L5R 3P9
Follow us
InstagramTwitterLinkedinFacebook

©2024 DataStealth Inc. All Rights Reserved.

Privacy Policy