A big challenge for many security professionals is overcoming "detection deficit disorder," says Ira Winkler, president of the security consultancy Secure Mentem.
Too many organizations spend too much money and time on a protection strategy, and not enough on detection and response, he contends, pointing to the problems Equifax had in detecting its mega-breach.
"To have the bad guys on your network for several months exfiltrating data ... is unacceptable," Winkler says in an interview with Information Security Media Group. "The fact that the bad guys were able to get the data out is really what caused the damage and where the security program massively failed."
In the interview (see audio link below photo), Winkler discusses:
- Other common deficits in security programs;
- Why security managers are setting the wrong budget priorities; and
- How the security culture in an organization sets the tone for success
Winkler is president of Secure Mentem, which focuses on the human element of security. Previously he served as president of the Internet Security Advisors Group and as chief security strategist for HP.