Defense Wins Championships

Keep Pounding!! If you are a Carolina Panther football fan, you have heard this phrase all the way to Super Bowl 50.  Liken to most sports:  “a Great defense with a good offense will typically win the game”.  When it comes to IT security, the same holds true.

We’ve also heard that “the best defense is a good offense”.  This is rarely true.  Take tennis for instance.  If you are playing someone with a great backhand and serve but you defend all of the player’s shots, chances are one of your returns will eventually score.  Same holds true with football, basketball, baseball, pool, foosball, corn-hole, Risk and most other sports or games.  A good team or individual that can consistently “apply great defense” to stop the other team’s offense, will typically come out on top.

In this IT scenario the offense would be the “bad guys” and instead of sending people, balls and beanbags, they are sending bugs, bots, viruses, malware, trojans, ransomware or other malicious attacks.  These offensive attacks are coming from many different directions and their intentions are to win the game.  What is on the line?  In this game you could lose your (or someone else’s) identity, your life savings, your credit card information, medical records, trade secrets, passwords, contact lists, your job, customer goodwill, etc., etc., etc. and possibly be fined by the government millions of dollars.  If you like the things that you have, you do not want to lose this game!

The game is a tough match these days.  Many of you have heard of Software-as-a-Service (SaaS) which has made it easier to acquire, operate and manage software over the past 15-years.  The programs are in the cloud where hundreds or thousands of users can get access from an Internet connection while the supplier or developer applies updates, hardware and maintenance as needed.  SaaS users typically pay a reasonable monthly or annual fee for the use of these applications. Well….Have you heard of Malware-as-a-Service (MaaS)?  MaaS is a service now available to crooks and hackers for a monthly fee.  Criminals are now earning $16-billion per year and are creating $500-billion in damages to good folks (estimated to grow to $2-Trillion by 2019).  Among other ways, this malware or Trojan can get on your computer easily through an e-mail, URL link or by simply visiting a compromised web site.

In football, if you didn’t wear a helmet for protection, you may be fine for a while but sooner or later you would get hurt or killed.  If someone tries to say that web protection isn’t a problem for them, they probably don’t realize the extent of the danger.  Of course, if you are familiar with the security industry, you’ll often hear some crazy numbers which sound incredibly exaggerated like… a new malicious URL is found every 2 seconds, or there’s tens-of-thousands of malicious URLs discovered every day, or 80% of those infected Web Sites are legitimate sites that have been hijacked by crooks to distribute malware.  It is a mind-boggling amount, but that doesn’t mean that every site you visit is going to infect you.  Fortunately the internet is a large area and while you may not get hit by a threat on any given day, it is just a matter of time the way things are going.

I know of several families that have added the iRobot Vacuum Cleaner over the holidays.  We are now in the age of the IoT (short for Internet-of-Things).  These “things” have IP addresses and are embedded with electronics, software and/or sensors and can be accessed thru the network or Internet.  Things such as: security systems, thermostats, stoves, gates (and other smart home options), cars (intelligent transportation), etc….and eventually they will play a part in smart grids and smart cities.  It is estimated that 50 billion IoT objects will be in use by the year 2020.  4-Years from now!  Can you imagine what can happen without a great defense?


Currently, computers, networks, laptops, tablets, smart phones and good people in general need protection from these crooks and hackers.  A smart or learning security service should be put into place that can communicate with the server, web and endpoints.  One that has as good an anti-virus solution as a network and Web security solution so they can all talk and learn from each other.   Select one vendor with a great defense from all of these different directions and you stand a much better chance of winning the game!

Go Panthers!

Ransomware: “Let’s Kidnap the Planet!”