
Expect the Unexpected

In times of uncertainty, your best defense is to lock down your fundamentals

  • The one-year anniversary of the global IT outage reminds us that unexpected disruptions demand constant preparedness.
  • Over-reliance on a single vendor (“tech monoculture”) should be viewed as a form of vulnerability in critical infrastructure.
  • The growing fragility of the lower tiers of the supply chain exposes otherwise well-defended organizations at the top to targeted cyberattacks with cascading effects.
  • Building resilience now hinges on proven fundamentals: endpoint security, data protection, network security and detection and response, supported by critical intelligence and trusted partners.

We’re approaching the one-year anniversary of the global IT outage that wreaked havoc for businesses around the world. Not that anyone would forget it anytime soon, but the upcoming July 19 anniversary serves as a useful and sobering reminder that the unexpected can happen at any time. In an era marked by economic stress, geopolitical instability and relentless cyberthreats, security leaders have no choice but to prioritize cybersecurity fundamentals. Doing so will help them build resilience and minimize the risk of business disruption.

In other words, it pays to expect the unexpected–and to prepare for it.

The rise of tech monoculture

Last year’s global IT outage, caused by a defective software update, underscored the risks of entire industries’ over-reliance on a single vendor or technology. While prominent providers often deliver effective solutions, concentrating critical infrastructure under a few vendors invites a new type of vulnerability. Organizations increasingly recognize this centralization–or tech monoculture–to be a business risk. Regulations like the Digital Operational Resilience Act (DORA) in Europe are beginning to address this issue by requiring organizations to diversify their technology stack to mitigate concentration risk.

It’s good advice: relying solely on one provider or solution can leave organizations exposed to costly, catastrophic failures. The interconnected nature of modern infrastructure means that a single point of failure can ripple across systems, crippling operations. Diversification and redundancy are no longer optional; they’re essential components of a resilient cybersecurity strategy.

The supply chain: A growing target

As if vulnerabilities introduced by tech monoculture weren’t enough, there’s another unexpected business risk: the fragility of supply chains. Nation-state actors and cybercriminals are increasingly targeting what can be referred to as the “soft targets” of the supply chain (small and medium-sized organizations) to gain easier access to the well-protected larger enterprise targets.

The supply chain, often invisible when functioning smoothly, has proven to be more fragile than many realized. Recent cyberattacks have highlighted its importance and vulnerability. By targeting smaller organizations with limited budgets and expertise, attackers can create cascading effects that disrupt entire industries.

Back to basics: The 4 pillars of cybersecurity fundamentals

In this volatile environment, where dozens of unproven, niche products are marched out every year at the seemingly endless parade of trade shows, you need to focus on the fundamentals of cybersecurity to build a strong foundation capable of withstanding unexpected challenges. These fundamentals are the bedrock of a comprehensive cybersecurity strategy and require ongoing investment and vigilance. Plus, we’ve seen it over and over: New technologies rarely stand on their own for more than a few years. They either die of irrelevance or get integrated into one of the four cybersecurity pillars that have stood the test of time. Those four pillars are:

  1. Endpoint Security: Protecting devices and users from the full spectrum of threats, including commodity malware and advanced persistent threats (APTs). Endpoint security serves as the last line of defense, ensuring that devices are safeguarded against infiltration.
  2. Data Protection: Securing data wherever it resides—on-premises or in the cloud—to prevent unauthorized access and leakage. Data is the lifeblood of modern organizations, and its protection is paramount. Address data protection throughout, including your use of AI tools and platforms.
  3. Network Security: Your first line of defense, establishing robust controls over network traffic, including web access, cloud usage and zero trust access. A secure network is critical to preventing lateral movement and unauthorized access.
  4. Detection and Response: Combining signals from endpoints, network, identity providers and other data sources to quickly identify and respond to threats that bypass preventive measures. Detection focuses on identifying and even predicting malicious activity, while response is all about taking swift action to mitigate damage.

These pillars are interconnected and provide holistic protection against cyber incidents. For example, integrating endpoint, network and data protection capabilities allows security teams to detect and respond to threats more effectively, minimizing the risk of business disruption. They all work together to keep you safe.

A holistic approach to cybersecurity

In times of uncertainty–and really, when is anything truly certain?–none of us has the luxury of complacency. Organizations that proactively invest in their cybersecurity fundamentals, that deploy solutions from trusted and proven providers like Symantec and Carbon Black, can build the resilience necessary to respond and stop unexpected attacks. Meanwhile, diversifying security solutions, building redundancy and prioritizing the core pillars of endpoint, data, network and detection/response are essential steps to prepare for the unexpected.

You can think of Symantec and Carbon Black as representing different personas in the cybersecurity battle that organizations fight every day: prevention, which is largely personified by Symantec; and detection and response, which is largely represented by Carbon Black (though Symantec is a big player there as well). The truth is, both of them work together, delivering prevention, detection, analysis and response–all informed and supported by the intelligence corps, which in this case is the Symantec and Carbon Black Threat Hunters.

Together, you have a fighting force that includes soldiers that eliminate the threat as quickly as they detect it and move on to the next threat and the next one, and…well, you get the idea. They even hunt for and eliminate threats that might be lurking behind the lines. And then you have an expert intelligence community analyzing the threat: Where was it just before it got on our radar? What’s it doing now? What’s it doing next? They look at it, understand it and analyze it. The two help you take a comprehensive approach to those critical fundamentals. Addressing these fundamentals is vitally important.

Waiting is not a plan

Now is the time to do your risk assessment, strengthen security foundations with redundant tools and services, and build resilience against the challenges ahead. By focusing on proven fundamentals and leveraging the expertise of trusted partners, you can weather the storms of disruption and emerge stronger, more resilient and ready for whatever comes next.

Learn how solutions from Symantec and Carbon Black earned AAA ratings with perfect scores on real-world tests from SE Labs. If you’re interested in shoring up your fundamentals, these solutions offer a great place to start.

About the Author

Nate Fitzgerald

Head of Product Management, Enterprise Security Group, Broadcom

Nate has been a cloud security product leader for over 20 years.
