Proactive or Reactive?

The world is full of problems. Dealing with problems is something that humans do on daily basis. But why are we dealing with these problems? Haven’t we learned to have a proactive approach so that we never have to react to a problem? That would be proactive wouldn’t it, having a strategy to stop any issue from happening?

The world is full of problems. Dealing with problems is something that humans do on daily basis. But why are we dealing with these problems? Haven’t we learned to have a proactive approach so that we never have to react to a problem? That would be proactive wouldn’t it, having a strategy to stop any issue from happening? Not really feasible, given that no one has a crystal ball and can see into the future to plan for every problem that may ever occur. On the flip side, if we were only reactive, we would be overwhelmed with problems. By not stopping problems before they occur, we would be so busy solving problems, that eventually we would be overrun with work. Problems would stack up and everything would come to a grinding halt.

Welcome to the life of the IT professional. You are responsible for every problem that comes up and are expected to be able solve that problem before the next one arises. You are expected to have plans in place so that problems don’t arise. So, while you are trying to fix the problem that just occurred, you are asked “why didn’t you have a plan in place to solve this problem?” and “what is the plan so that this problem will never happen again?”. You are being reactive, while management is already asking for proactive.

Let’s go down the rabbit hole further from the IT security perspective. As an IT security professional, you must stop every malicious attack against your organization. You must proactively stop all viruses, malware, ransomware, hackers, and any other security threat. A proactive plan to stop all these attacks must be in place. Additionally, a reactive plan must also exist if one of these threats manages to deploy on your systems. These must be working hand in hand or consequences can be great.

Imagine if a ransomware attack happened on your systems and your only approach was to be reactive. Your data would be encrypted and held for ransom. No worries you say, we have a great reactionary plan to this. We will restore from our backups and we will be fine. Now that is not exactly the best solution. First off, many ransomware attacks also steal your data and hold this stolen data for ransom. A backup will not retrieve this stolen data. Your data is gone and in the hands of malicious entity. Can you afford to have your organization’s sensitive financial, personal, and intellectual property leaked to the highest bidder on the dark web?

Let’s say your data wasn’t stolen, bullet dodged right? No, you must still deal with the recovery of the data. Do you recover everything from backup? From what day? How much data will be lost in this recovery? Is the attack over or still present? How long will your systems be down while you go through this process? All very scary and expensive problems. Now, the reactive solution is not all bad. You still will be able to recover, and eventually get back to business, you have a plan in place to return to normal operations.

So, let’s take a proactive approach only. Yea!!! We are safe. Never will we have to worry about ransomware attacking us because we are proactively stopping attacks from happening. But remember that crystal ball that we don’t have. Eventually the malicious actors will create an attack to go around your protective measures. Now, you only have a proactive strategy, not a reactive one. So, you have no backups or ways to retrieve your encrypted data. You are stuck paying the ransom and hoping that these malicious actors will make good and give you the encryption keys and return the stolen data.

As an IT professional you can never rely solely on being proactive or reactive. A balance must be had with these approaches. A good dose of proactiveness will keep you from having to waste too much of your time being reactive. Always be on the lookout for solutions that can be both, proactive and reactive. In our ransomware example, ProLion’s CryptoSpike is an excellent example of a solution that is both proactive and reactive. After all, they may be completely different strategies, but by being interwoven, make the best strategy for problem solving. Having a reactive or proactive only approach will result in a disaster. But working hand in hand, harmony.

Leave a Reply