“They came on in the same old way – and we defeated them in the same old way.”
Though it could easily be used today, that quote does have rather more deep-rooted origins. The speaker was Arthur Wellesley (though you may know him by his more common titles of The Duke of Wellington and, later, Prime Minister of Great Britain). He spoke those words after his and Field Marshall Blucher’s combined Allied forces had just defeated Napoleon at the Battle of Waterloo.
Without going into the details of the battle itself, the outcome was quite significant in several ways:
- Napoleon’s tactics at Waterloo were both out of date and inflexible
- His battle plan lacked finesse, consisting only of repeated ‘in your face’ brute force attacks
- The outcome of this helped shape the future of Europe for almost 100-years
- Given ‘The Battle of Waterloo’ was in 1815, it does, in fact, predate the on-going debate about RBAC v ABAC which still persists today.
Okay, that last point is stretching a little white lie (a hint of a joke, as it were). But If you’ll permit me, I’ll tell you 2 specific reasons why it does fall flat on its face:
- The RBAC v ABAC debate is now in its 22nd year (yes, it began in 1997)
- Like Napoleon at Waterloo, if you honestly expect to win today’s battle with yesterday’s tactics then you’re going to lose.
Unfortunately, and we know this firsthand, some companies still are using old systems, old methods, and old tactics.
(Please tell us this isn’t you, though?)
Your Attacker is Getting Cleverer
One glance at the news tells you that your attacker is getting cleverer. (It might also be a concern to know that there are a lot more attackers out there since hacker tools became more commercialized. If you want to learn more, then click here to get our The Anatomy of a Cyber Attack white paper.
Make no bones about it, your attacker is getting cleverer, more devious, and increasingly skillful–they’re evolving. And though steam rolling in with brute force methods might be just one part of their plan, unlike Napoleon on that fateful day, we both know they’ll adapt and move on to other means as soon as necessary.
This isn’t hyperbole, either.
You’ve likely seen or heard all of the scare tactics, the dire threats, the ‘end of the earth as we know it’ (if you haven’t, let us know and we’re more than happy to fire some your way).
But here at EmpowerID, where cybersecurity, RBAC and ABAC, and your security is concerned, we prefer to stay a little more grounded. A little more pragmatic.
The Cyber Threats Are Real
But make no mistake…
Don’t think for a minute that the threats aren’t real–because they are.
You and I both know, full well, that your attackers’ plans are evolving continuously.
Unfortunately, the very nature of cybersecurity is that they’re likely to be evolving far faster than you or any of us can ever react.
However, it isn’t all 1-way and isn’t all doom and gloom. There are steps we can take to mitigate this. To limit the chances of them being successful.
We can’t stop them from selecting us as their target, but our goal here, of course, is to make it so difficult that they move onto easier pickings. They turn their attentions and efforts elsewhere.
Let’s not get ahead of ourselves just yet, though…
What Is Your Battle Plan?
A question for you:
When the attackers’ beady little eyes do eventually turn to and focus on you, what exactly is your battle plan?
At Waterloo, Wellington had surveyed that ground years 2 or 3 years before.
We both know we’ll never ever have that luxury.
“But we’ll be okay,” said every single security consultant or manager in the world ever. (All the while secretly praying that they’re okay.)
And then they weren’t, of course (okay, that is).
Reading this, you, may very well think that we’re wrong.
If that’s the case, then tune into the media and watch or listen. Turn on your TV or radio, or tune in via your PC, whatever it is you use.
Because if the next security breach is not all over the news today, then it’ll be tomorrow or next week.
It’s only a matter of time.
As realists, we both know it’s coming.
We sincerely hope they’re not talking about you.
White Paper: Identity is the New Perimeter: Zero Trust is its Firewall
To learn more about constructing your organization’s defenses and laying out your battle plans, we have a white paper called ‘’Identity is the New Perimeter: Zero Trust is its Firewall.
In it, we talk about how identity and Zero Trust are where the 21st century battle will occur. Zero Trust is founded on 3 fundamental principles:
- never trust
- always verify
- always enforce least privilege.
Quite simply, when a user attempts to access to your system, they have to verify and authenticate themselves. If they fail either, then they’re denied access.