The life of a security practitioner isn’t easy. You’re on the front lines, fighting the good fight against a patient, smart, determined enemy that always seems to be one step ahead. But there are great rewards as well. The security community has tremendous camaraderie, security pros can feel good knowing they are doing something important for their company. And security salaries are among the highest in the IT industry.
As they go about their daily lives in the trenches, here are 6 hard truths that security practitioners must learn to accept and deal with.
Hackers are probably inside your network right now
We’ve all heard the old adage that there are two types of companies, those that have been hacked and those that have been hacked and don’t know it yet. There’s a grain of truth to that. On average it takes companies an astounding 200 days to identify a security breach, according to a study conducted by the Ponemon Institute for IBM. That’s more than six months of an attacker rooting around in your network.
Nearly 70% of CISOs reported that they discovered malware hidden on their networks for an unknown period of time — in some cases over a year, according to a survey commissioned by
Nominet, which runs the UK’s domain name registry and offers cybersecurity services.