Living to the "Left of Breach"
Nuix Head of Services, Security, and Integration Chris Pogue recently wrote an article equating cybersecurity with the military concept of “Left of Bang.” This concept is part of the U.S. Military’s Combat Hunter Course that teaches Marines and other combat personnel how to react to threats before they take place by understanding their adversary, spotting threats in the field, and preventing or avoiding them altogether.
A cybersecurity incident is very similar to physical combat, at least with regard to the fact that there is a clearly defined before and after the incident occurs. For organizations like yours that have a vested commitment to avoiding such incidents, it’s vitally important to stay to the left, or before, an incident as much as possible, and limit your time after, or right, of when an incident becomes a full-blown breach.
Recognizing Both Sides of a Breach
Cybersecurity incidents and data breaches are inevitable. They will happen, no matter how strong your defenses are, how careful your personnel is, or how comprehensive your policies and procedures are. According to Ponemon Institute’s 2016 Cost of Data Breach study, the average total cost for a data breach is $4 million USD. This cost is driven up for every moment spent “Right of Breach,” starting with ransom demands and loss of productivity due to incident response, and progressing to public relations efforts, fines for non-compliance, and reputational damage.
Gross security negligence and non-compliance with privacy laws can even land senior executives in jail. A company CISO, for example, could face up to 10 years in prison for failure to comply with HIPAA regulations. Nobody wants this to happen.
Many security solutions on the market focus only on one side or the other of a data breach. Nuix Insight Adaptive Security and Nuix Insight Analytics & Intelligence work together to give you the best chance to stay “Left of Breach” as much as possible and, when an incident does occur, quickly identifying and stopping the damage to get back to “Left of Breach” fast.
Left of Breach
Nuix Insight provides continuous endpoint monitoring and protection. It lets you set up traps, or honeypots, to learn more about potential attackers before they infiltrate your defenses, as well as alerting you when persons or items of interest appear in your enterprise. As it automatically terminates malicious processes and blocks bad behaviors, it lets your security team focus on other priorities, like advanced threats, complex investigations, and threats that are designed to evade all security systems.
Right of Breach
What happened? Anyone who has responded to a breach knows this question intimately. It’s the first thing that company executives, boards of directors, legal teams, and reports want to know.
You need to answer that question, as well, if you want to stop the damage and get back to “Left of Breach.” This is where Nuix Insight lets you conduct root cause and timeline analysis, follow an attacker’s tracks to identify systems they may have gained control of, and even lock attackers out of those systems to limit their ability to proliferate through your network.
Most important, you don’t need to work alone. Nuix Insight is built to allow multiple analysts and teams to work on complex investigations, accelerate resolution, and get back to “Left of Breach” with minimal damage—both technical and financial—done to the enterprise.
Reduce and Minimize the Inevitable
Nuix Insight Adaptive Security and Nuix Insight Analytics & Intelligence were created because we know that cybersecurity incidents and data breaches are going to happen. Nothing in the world will stop them completely. These products work on both sides of a breach to reduce your exposure to risk and minimize the impact of cybersecurity incidents, help prevent breaches wherever possible, and drastically reduce or eliminate their costly aftermath.