I wish I had a dollar for every time we as security practitioners have collectively had a conversation about a zero day — each and every time we’ve discussed the dangerous nature of the latest vulnerability. I would have a nice tidy sum squirreled away by this point.
We have developed a finely honed ability to run around in circles with our hair on fire. This may cause some of us to chuckle when we think back to incidents that we’ve had to manage or help bring to a conclusion. But it still stings a little to recall how things were managed in the past.
Far too often we learn our security lessons the hard way. Reactive security was, quite literally, the industry’s default setting for many years. Even now, I have conversations with CISOs who share tales of incident response activities gone horribly awry. We listen in rapt attention, and yet we never seem to learn the lessons that are in plain view.
Rather than approach security from a reactive perspective, we should always be planning for the future by asking the question: What could go wrong?
What’s in Your Disaster Recovery Plan?
For years, companies and countries — governments, rather — have been working hard to move operations to the cloud. This makes perfect sense … until it doesn’t. From reading the disaster recovery and business continuity documents for these organizations over the past couple of years, I’ve noticed some pervasive themes.
For example, in the event of network failure, everyone would go to the local electronics shop and purchase replacement laptops.
I’m sure that would scale without issue. Oops, sarcasm dial set to 11.
Another scenario frequently listed in these documents was that of a meteor hitting the building. At no point did any of the planners take into account the fact that if said disaster had taken place, the local landscape would be desolation as far as the eye could see in any direction.
When Planning, Ask: What If?
But what if a country invaded yours? What if there was a completely unprovoked attack? How would you operate if your cloud instance was hosted in the aggressor’s country? How would you be sure that your system would have the security resilience to survive such a scenario? Are these questions included in your disaster recovery and business continuity plans?
The war in Ukraine has served as an exemplar of worst-case scenarios for any country in the world today. There was a great deal of “what if” planning for various wartime situations long before the Russians ever crossed the border into Ukraine. The world needs to take note and start answering these questions.
Perhaps it is time to entertain a retreat from how we have approached globalization. We should look at how we can run our systems reliably if we had to sever connections with the rest of the world.
This line of thinking may seem extreme, but it’s far more realistic than preparing for a meteor strike, let alone queuing up at the local electronics shop to buy laptops, along with hundreds of other companies.
If a cloud provider was cut off from the Internet for whatever reason, what would be your contingency plan to weather the storm? We have to be vigilant in the face of threats ranging from pickup trucks hitting power lines, to chip fabrication plants needing to move to other countries due to ever-shifting political issues.
Building out our strategies to reduce risk and increase our security resilience will go a long way to help address the clear and present dangers we face in this modern age.