Cyber threats don’t discriminate. The presence of a CPU - any type or size - is enough to make one a target. Yet, if you’ve been a security practitioner for any length of time, you have probably heard this phrase from a prospective customer more than once:
“We’re too small/unimportant to be a target.”
You know this is the point in the conversation where you smile politely, get up, and thank them for their time while they go back to their business, and you go on to your next meeting. Anyone who has it in their head that they don’t have at least one red laser dot on their forehead is not going to be convinced by your war stories, statistics, or reams of counter-examples.
Like so many important life lessons, they will almost certainly learn the hard way.
The thing you want to tell these folks is that anyone online is a target because everyone online has something of value. The reason most folks don’t think they’re targets is because they don’t deal in valuable information. Data breaches at banks , government agencies , or credit bureaus make headlines because your name, along with your birth date, social security number, bank account, and so on are monetizable.
But if you make commodity widgets, your efficiency and up-time are what you consider valuable. The design of the widget is not special; you’re one of a hundred factories worldwide that make widgets. But you use computers to make those widgets - PCs in the back office for orders, payments and the like; robots, CNC machines, pick-and-place machines, conveyor belts, logic controllers, etc. on the shop floor. The computational power of every one of those devices is a valuable resource to someone .
It’s also important to note that while someone may not be a victim of an attack, that they were involved - used as a hop point for example - means they’re part of the investigation. Those systems have to be offline for a period of time. Operations may slow down or possibly stop, which costs money. Investigations - and the aftermath - cost money. Yes, on a smaller scale than the actual victim, but it's not zero, which is the sum that prospective customer calculated when they decided they didn’t have to worry about cyber threats.
Yet when those prospective customers look for solutions, what are their choices? Expensive blinky boxes on one end, or command line tools on the other, both of which require talent to operate and make use of that even the world’s largest companies struggle to staff.
Senrio has taken a different approach. Our Insight product is available as an appliance, or software that you can install on your own hardware to save money. Its intuitive interface does not require a Phd in computer science to operate, and our API or many data formats enable users to export data to SIEMs, CMDBs, firewalls, and other existing tools your staff already knows how to use. Insight identifies every device on your network - IT or IoT - builds profiles of device behavior so that you can understand what ‘normal’ is for every device, and alerts you when devices behave abnormally. It does all of this passively so as not to disrupt device operations or put a burden on your endpoints or network.
See Senrio Insight in action , and start your evaluation today.