Another incredibly difficult year in Security. Back in October, we had a good idea that 2021 was going to go on record as one of the worst years for security breaches - and now at the end of the year, we know that's true.
This isn't surprising. Security engineers are still seeing the same problems recur in cycles that seem to want to repeat forever:
Software vendor releases a product with a security gap that can be exploited.
Exploit is discovered because it is used maliciously, or because it was discovered through security analysts.
Security Vendors rush to show their product is protected (or how to fix it) - which doesn't always work.
Issue reveals itself to be more widespread than initially considered
Vendor tries to patch and it doesn't fully work
Problem is ignored until it becomes big again, cycle repeats with new vendor or new vulnerability.
There's exceptions, but we see this constantly. With SolarWinds the vendor was able to resolve some of the concerns, but the damage was done. And we still saw the effects ripple into 2021 and further. Even the recent Log4j issues that have been occurring continue to show the pattern and cycle on display, acknowledging that the most important part of security is becoming constant vigilance.
London Security's greatest success in 2021 has been demonstrating to customers how much the value of vigilance, plans, and proactivity lead to successful security outcomes. Security is quickly becoming an industry that must react to every new vulnerability and problem, but we don'thave to be in that position.
No, I'm not going to talk more about zero trust. That's done to death at this stage, when the stage security is at it really should come to the assumption that at some point every company is going to have a failure, and how to minimize points of failure.
Identifying risks, securing critical points of failure, and planning for some kind of issue are going to provide the best outcomes, and that's something London Security can assist with if you are unsure where those might be.
For all of the difficulties of this year, London Security wants to send forth the good memories from 2021, and push forward the best goals and ideas for 2022!