Let’s Unlearn The Current Idea of Cyber Defense
One of the challenges with fighting is it’s both the most natural and unnatural thing to do in the world. Due to the conscious and unconscious learning that you may have experienced over time, it’s natural to want to punch somebody when you feel threatened.
However, for many, it’s unnatural to throw an effective punch.
It’s natural to want to defend yourself when someone is trying to harm you.
However, it’s unnatural to defend yourself the way a mixed martial artist or a boxer defends against punches.
At a high-level, boxers and martial artists don’t defend punches by blocking.
They defend by getting closer and becoming more attentive.
It’s natural to turn away from harm.
It’s natural to shield against harm.
It’s natural to withdraw from harm.
To get closer to harm and become more attentive to it is a trained defensive response that, for most of us, is unnatural.
Defense In Depth is one of the first things I learned when I entered into the cybersecurity profession.
Defense in Depth is the natural response to adversaries attempting to penetrate and persist within an organization.
Many have written about the ineffectiveness of this model of defense. For example, in the article Defense-in-Depth has Failed Us, the author states:
As companies layer new products and technologies, they now find themselves with 40+ security products and vendors in 40+ silos. And because these products aren’t integrated, each layer in the architecture creates its own logs and events, generating a massive amount of data and a massive management challenge.
Again, regarding the ineffectiveness of Defense in Depth, another author states,
In the last decade, enterprises have added a slew of security products from firewalls, SIEM, User Behavior Analytics, SOAR, EDR, DLP, Email/Web Filtering, etc., and a well-trained SOC team to their portfolio to enhance their security posture by layering with multiple security tools. The truth is that almost every day for years we have read about compromise and breaches in organizations and the velocity is increasing.
Unfortunately, the natural response is not always the most effective response.
Before you can do something differently, you have to unlearn the thinking and habits that are not effective and that do not help you achieve your goals.
Think about the personal relationships where you sometimes have to unlearn the natural cognitive and behavioral habits embedded in your muscle memory that keep you at risk and consistently attacking and defending.
Once we unlearn the old (or natural) thinking and habits, we practice and develop new habits and patterns that form new cognitive and behavioral defense mechanisms that significantly minimize the risks of attack.
Unlearning Cyber Defense
Consensual hallucination is a term I happened to come across when reading about a novel called the “Neuromancer” by William Gibson. In the book cyberspace is a consensual hallucination experienced by all of us. It’s from this novel that the term “cyberspace” was derived.
Today, we know cyberspace as the hypothetical environment where the world communicates via computer networks.
A consensual hallucination is our willingness to suspend our critical thinking and believe the unbelievable for the sake of enjoyment, convenience, safety, obedience or other reason that allows us favor the unbelievable rather than the obvious, sensory reality.
Unlearning cyber defense as we see and practice it today will require us to question what we have agreed to believe regarding:
criminal hacking behavior
who the advesaries really are,
our role as cybersecurity professionals, and
our capabilities as defenders.
Unlearning takes the very hard work of questioning what we already know to be right and true.
It takes repetition, consistency, humility and lots of problem-solving and experimenting.
It also takes determination and support to stick with it because under stress we revert to our old habits of hiding, running and mimicking the behavior that we secretly admire, yet, are afraid of.
Subscribe to Person-Centered Cyber to chat with me about this and other provocative cybersecurity topics