The Zero-Day Misnomer

Cybersecurity is a hot topic, and everyone should be concerned. We have all heard the stories of business loss due to attacks. Ransomware has made national headlines for extorting billions of dollars from businesses and institutions. What doesn’t make sense is for small businesses to invest tens of thousands of dollars in extra security out of fear of a possible ransomware attack, especially when the only real solution to ransomware is a good backup.

The IT Community Response

As a reaction to the increasing threat of ransomware and phishing campaigns, the major players in the IT community have been developing software and services designed to protect IT assets while also generating a market with huge revenue potential. But really, how effective are these solutions, and should you pay more to achieve a level of security that most businesses may not require?

A Real World Example

A colleague and I were discussing an incident that occurred at the business of one of their friends. The company, let’s call them XYZ Corp, had a new vendor’s Zero-day protection software installed on all their computers and servers. This was an additional cost on top of the traditional defenses of AV software, SPAM/Malware email filters, and a firewall.

The company was told that this new software was able to detect and protect against Zero-day attacks. Should an exploit gain access to the network, the vendor would provide incident response for an additional fee to analyze how the attack entered the network, stop the attack, determine the damage from the attack, and recover/restore systems damaged by the attack.

Sure enough, XYZ Corp did get attacked with ransomware. The new software did notify XYZ Corp of the attack but was unable to stop it. XYZ Corp then engaged the software vendor’s incident response team to triage, quarantine, and eliminate the attack at a large cost.

The result was that XYZ Corp had to restore data from backup.

A Real World Result

XYZ Corp is not a large company, only 50 users. They are not subject to specific regulatory security practices such as ITAR, DFARS, and other requirements which would mandate that they have an incident response process and report a breach of their systems to government or other organizational entities.

The software vendor took several days to triage the issue and gather data surrounding the incident, which meant that XYZ Corp was unable to conduct business. After the ordeal was completed, XYZ Corp was sent a bill for 10K for the incident response.

As a business owner, I have to think, “What did XYZ Corp just pay for? Research and development for their software vendor?” Ultimately, the vendor had to restore their data from a backup, so, as a business owner of a technology services company for 30 years, it’s hard to see the value of XYZ Corp’s 10k capital expenditure.

Further, Managed Services Providers are now marketing themselves as Security Specialists, in addition to the slew of other services they provide. I propose that such companies cannot deliver on this promise, as security firms take years to develop such practices, honing their craft. Instead, unsuspecting companies like XYZ Corp get ‘taken to the cleaners’ by tech companies trying to sell another subscription. We suggest you take a step back and think about what makes real-world sense.

The Security Silver Bullet – A Good Backup

There is no magic security software that will protect against Zero-day vulnerabilities. As such, if you are not subject to specific regulation, then the most pragmatic business decision you can make to protect your business is to invest in a good backup and recovery solution. If you are subject to regulatory bodies, you are probably better off leaving security to a specialist and not your Managed Services Provider or your internal IT person.

Traditional layered defenses of a firewall, AV software, Anti-Spyware protections, and good user training cannot be discounted and are still a security minimum. But don’t sweat the Zero-day ransomware attacks, as the only true answer is to restore from backup.

We at Systech provide our customers a level of backup protection which can provide restoration times in hours, not days, and complete company-wide data restoration. No matter what happens, we could restore your business to functionality in hours. This is the best and most cost-effective solution. Don’t let fear rule the day.

-Jack Prager, CEO
