Research from Rubrik Zero Labs [link] reveals that 90% of IT and security leaders reported cyberattacks in the past year and almost 20% said they’re getting attacked on average every other week.

Those are only attacks, but attacks have consequences. 30% reported on-premise data breaches, 28% cloud or SaaS breaches, and 26% reported ransomware.

And the crazy part – those are just the ones they know about. There are probably a lot more.

The only conclusion any rational person can arrive at from such insane metrics is that whatever you’re doing isn’t working. It’s not that you need to do more of the same. You need to do something different. The current path is disintegrating before our very eyes. 90% of companies experience attacks because these attacks succeed. The defenses are simply ineffective and don’t work. There is no other way to explain these numbers.

What can you do?

First, you need to accept that defending the perimeter is a losing battle. It’s a battle we must fight, but a battle we will lose. So don’t over invest in perimeter defense. From network security to endpoints, emails, AIM, and passwords – it’s a battle you probably already lost many times without realizing it. It’s not that every perimeter defense was compromised, but some of them did or the attacker got in some other way.

The reality is that the perimeter is constantly breached in almost every company. If not from the outside then from an internal actor. In the Rubrik report insiders are responsible for 28% of attacks while other estimates have them at about 20%. But whether from insiders or outsiders, either way, attackers find their way in. There’s no stopping it, only slowing it down.

The obvious question is “so what can we do?”

One answer I often hear is “nothing”. Just wait for the inevitable breach. It’s coming.

I don’t like that answer.

The other answer is data-centric security. Which means, focus on protecting the data. If you can’t prevent bad people from getting into your network, protect your data against everyone.

There are bad actors from the outside and internal threats from the inside, so everyone is a suspect. We have to protect the data against everyone.

Passwords are stolen, individuals are impersonated, accounts and privileges are abused… There is a never-ending list of attack vectors and the bottom line is simple – you can’t trust any activity. You must evaluate every data access. Everything is suspicious.

That’s a great conclusion but how can you implement it?

With billions or trillions of accesses per month that is, obviously, not a job for individual human inspection. But modern technologies can capture and evaluate all these accesses and find that needle in the haystack.

That statement sounds too good to be true and it is to a degree. It is a big generalization and the details are a lot more complicated. But yes, it is possible to control all the database activity and all the application activity. Blue Core Research developed a combination of technologies that can achieve that. Talk to us to know more.