“…they get punched in the mouth” is a quote that Mike Tyson is well known for. However, it can apply to many other aspects of life, including cybersecurity. The blow may come from making a bad investment, getting stuck in a traffic jam or your organisation getting breached.
The important part is how you react to that adversity, not the adversity itself.
In the world of boxing, most fighters will have a plan. They will practice that plan over and over, even when getting punched in the mouth, to ensure their reaction achieves the best possible outcome.
In our world of cybersecurity, we should all (I hope) have an incident response plan that is tried and tested. But how do you simulate getting punched in the mouth? There are the traditional approaches, such as penetration testing and red/blue/purple teaming, which will breach your network (without malicious intent) so that you can measure the effectiveness of your cyber capabilities and your reactions.
However, these are relatively costly and, because of that, are rarely held regularly.
This is where Breach and Attack Simulation (BAS) technologies step in. This is a relatively new market where a number of investments are being made and new vendors are emerging.
The market drivers for these solutions seem to be based upon the following:
- Providing assurance that existing security controls are effective.
- Allowing prioritization of security investment by identifying the largest areas of weakness.
- Assessing the efficacy of security services that you may be subscribed to.
- Continually assessing incident response procedures.
Solutions in this space help organizations to simulate the worst happening at the touch of a button. They assess the effectiveness of security procedures, infrastructure, vulnerabilities and intrusion techniques by simulating methods used by real adversaries. This allows organizations to continually assess how they will react to getting punched in the mouth, or to adversity, depending on how you wish to look at it.