This is the time of year when bloggers and media publish lists of the biggest breaches of the year, biggest infosec fails of the year, and so on. 2014 certainly saw a distinguished list of failures. But I’m feeling optimistic, so I want to write something about infosec wins. Most of the time we don’t hear about infosec wins, for obvious reasons. Occasionally we do, though.
Two that come to mind are the recent ICANN breach and the UPS Store breach from earlier in the year. Both were indeed breached, but both also apparently discovered the breach in a timely manner and reacted to minimize the damage. These two wins highlight an important capability organizations need to continue to refine: detecting breaches early, rather than relying on a phone call from Brian Krebs.
As my friend and co-host Andy Kakat says, we have to free some of our security staff from the daily grind of “addressing tickets” in order to focus on building these detection capabilities. Hopefully 2015 will see more infosec wins.