JP Morgan Chase. Target. Sony. Each has been part of the growing number of cyber-attacks against private companies around the world in recent years. In the latter two cases, CEOs were forced to resign in the wake of the breach. Attacks are growing more sophisticated and more damaging, targeting what companies value the most: their customer data, their intellectual property, and their reputations.
Companies need to take a new approach. They can do so by looking at themselves through the eyes of their attackers. In the military this is called turning the map around. The point is to get inside the mind of the enemy, and to see the situation as they do, in order to anticipate and prepare for what’s to come.
Unfortunately, this mindset is still too rare. Despite spending billions of dollars every year on the latest security products and hiring the best security engineers and analysts, companies are more vulnerable than they’ve ever been. Two trends account for this: the rapid convergence of enterprise IT architectures, and the proliferation of increasingly sophisticated adversaries.
Changes in enterprise IT over the past decade mean that every company is now a technology company. By the end of the decade, there will be 50 billion devices connected to the Internet, complicating networks and generating petabytes of data. To add to that, the cloud revolution has finally dissolved perimeters – companies enjoying the benefits of infrastructure as a service must depend upon the security of networks and systems beyond their direct control.
Read more: Harvard Business Review