In this article I am going to compare the cyber security of an organisation with the overall health of a country, holistically.
If we take the assumption that COVID-19 is akin to a rather sophisticated piece of polymorphic malware threat, then we can tease out the analogy.
A country consists of two areas at either end of the spectrum - its physical assets, whether these be minerals, lakes, forests, farms, human made infrastructure, and its psychological assets, which can consist of art, science, history, music, laws, community.
Much the same as an organisation, be it a bank or manufacturer, there exits the physical offices, laptops, servers, networking equipment, and on the psychological side, there exits company ethos, policies, culture, software, and its digital IT ecosystem.
So we can see that a company is really a miniature town that lives and breathes by its employees.
Now what happens when that country, or indeed miniature town is beset by an attacker.
In the current global climate the attacker is COVID-19, a sophisticated, polymorphic virus that inhibits the respiratory capabilities of the populace.
Many governments have taken the approach of a hard quarantine. While in China this has worked well, perhaps the West may see a different outcome.
Ultimately a human being consists of again two poles. Its biology and its psychology. Merely taking the approach of stopping the virus threat from spreading from host to host, will endanger the psychological well being of the populace. Similarly in a company restrictive policies can cause serious staff dissatisfaction, and ultimately people will leave their job.
Human beings have a need to socialise. Humans developed in the African Savannah's, where small communities were the name of the game for much of our human adolescence.
In these small communities, the population acted as a self supporting biological and psychological immune system.
Immune systems are an important concept. Why? Because they are strengthened through attrition. A constant dance back and forward between good and bad, weak and strong, wherein the immune system can mature, and fight off ever varied threats - it is the fundamentals of evolution.
Companies need to look into themselves and see if this is the approach they take with their cyber security. Because if you want to evolve, growing maturity is the only way.
Buying expensive EDR, NextGen Firewalls and other tooling is like taking medication, and attempting to quarantine yourself from the virus. However once you do that, your psychological defences are weakened. Your routines are interrupted - if you didn't do your daily exercise, or had your cigarettes removed would you fare well? Indeed most people know about the Placebo effect, but less about the reverse Placebo effect where a sugar pill can act as poison.
The human immune system, human body, human towns, human countries, and indeed human corporate ecosystems made from kinetic and cyber components need to develop maturity.
As a virus attacks, the body is taught to defend. Vaccines work in the same way. By introducing some of virus purposefully the system learns to defend itself, but in a controlled way.
Red Teaming, Purple Teaming, and Blue Team are the poles and middle point of this spectrum right across your people, process and technology layers.
Learning to view Purple Teaming as a means to exercise, strengthen, develop and mature the cyber security immune system of your company, will dramatically accelerate your ability to defend itself. If you are already doing this approach, then seeking even more sophisticated adversaries will only mature your immunity.
If you would be interested to learn how Hunnic Cyber (one of the first & only Red Team providers to incorporate Machine Learning in our tooling) and our partner Averisk Information Security (whose team lead the internal cyber security engineering of the largest bank in the world), can work and exercise your company's cyber and physical security immune system please reach out to us on firstname.lastname@example.org