“All organizations should now assume that they are in a state of continuous compromise.” — GartnerGroup 2016
“Error, indeed is never set forth in its naked deformity, lest, being thus exposed, it should at once be detected.” – St. Irenaeus
What does a statement like the two above mean to your church and the various diocese, middle judicatories, conferences, and committees in the context of data security and data privacy?
Think “One Enterprise …One Vision” for Churches and their respective governing bodies and conferences. It is time for innovation and collaboration.
Let’s start with a few points of clarity:
Traditional blocking and prevention capabilities are insufficient to protect against motivated, advanced cyber attackers. Most churches are too small on their own to employ the necessary protection required today. Collaboration is where your conferences, synods, dioceses, middle judicatories can play a vital role. Most churches have basic antivirus and firewalls. These tools work great for protecting you against the ‘want to bee’s’ and for amateurs and those learning the fine art of hacking. From time to time they do a good job with the professionals. But in our fast-paced world of technology, they are necessary but not sufficient. So we need those tools, but in today’s world, you cannot solely depend on them.
Historically, most organizations in the world of WEB 1.0 believed it was a best practice to continue to invest in prevention-only strategies. That worked back then. With WEB 2.0 and the advent of 3.0, this strategy will not suffice. The focus has to be on the Detective, Preventive, Response, and Predictive tools so that as the great hockey player Gretzky would say, “we skate to where we know the puke will be.”
The problem today is that the Detective, Preventive, Response and Predictive capabilities from many vendors who are rushing to fill this space in the market are delivering solutions in nonintegrated silos, increasing costs and decreasing their effectiveness. The cyber tools of yesterday are causing churches, dioceses, synods, and conferences to invest more and more human resources to the fight. Every religious organization system especially those who are independent and are not provided with cybersecurity at a collective level are under continuous attack and are continuously compromised. Most don’t know it or realize that they have been attacked and compromised. Just taking an ad hoc approach to “incident response” is the wrong mindset for long-term survival.
The name of the game today is Predictive Analytics. PERIOD. As we begin to plan for 2019 and develop our strategies to stay on top of the ever advancing world of malware, we need to think differently.
I would suggest you start to think regarding focusing on the following:
1. We need a “Mind Shift”, (say those two words very slowly and elongate the words and you will ‘feel’ what I am thinking) we need a “security mind shift” from “incident response” to “continuous response,” wherein your systems are assumed to be compromised every day and require continuous monitoring and remediation. ‘Incident response’ is outdated. Once your systems have been breached, and the data is gone, it is too late!
2. We need to have all of the church leaders adopt a mindset of what an “adaptive security architecture” looks and feels like, and that is wholly integrated into every nook and cranny of the world of technology in your church, diocese, conference, and middle judicatories. Continuous monitoring is going to take a mind shift to become a reality. Our Culture has cemented a silo perspective across our churches with regards to the new world of data security. The only way all religious organizations in the current environment will be secure is by developing an enterprise-wide mindset of continuous protection from advanced threats.
3. Start by thinking of using the NIST framework. (National Institute of Standards and Technology) I will next week talk more about NIST.
Let’s start by taking a look at your goals for 2019:
- Spend less on prevention; invest in detection, response, and predictive capabilities.
Move towards a context-aware network, endpoint, and application security protection within a homogenous platform that will provide for you a level of integrative predictions, manageable prevention, timely detection, and adequate response capabilities.
- “Architect your security posture” for comprehensive, continuous observations at all layers of the IT stack: network packets, flows, OS activities, content, user behaviors, and data flow and movement and application transactions.
Endpoint protection platforms that will include user activity observation and forensic capabilities.
We must fully realize we live in a world of continuous compromise. Our churches like every other organization in the world are compromised. We need to shift from a mindset of “incident response” — wherein incidents are thought of as occasional, one-off events — to a mentality of continuous response — wherein attacks are relentless, hackers’ ability to penetrate systems and information is never entirely blocked, and policies must be assumed to be continuously compromised, and, thus, they must be continuously monitored.
More to come on this topic over the next several weeks.
The Glory of God is a human being fully alive.” ― St. Irenaeus