Vulnerability Management Blog | Nodeware

Right of Boom? Left of Boom? What the heck IS Boom?

Written by Matthew K. Koenig | Jan 16, 2025 4:07:12 PM

Are you as confused as I am as to what the heck BOOM even is?  You keep hearing the phrase, “Right of Boom” ... and well, doesn’t that mean that there must be a “Left of Boom”? Why doesn’t anyone like to go left? Beyoncé did: “To the left, To the left, everything you own is in a box to the left …” 

Boom! Boom is not a new word from an old Batman fight scene. 

Boom is a negative security event: for example, phishing, ransomware, or a vulnerability being exploited. That’s Boom.

So, if boom is a security event and we think about things happening on a timeline, then left of boom is all the stuff you do before a security event to protect your client (and, hopefully, prevent or reduce the impact of a BOOM). Right of boom is everything you do during or after a security event to protect your client. 

I will go on record saying that right, left, and center of Boom are all just as important. Let me explain.

In my 20-year career in the channel and working with MSPs, I have found that building out an appropriate security stack can be daunting and expensive, not to mention the number of tools on the market and knowing what to have to make sure you are taking care of your clients and NOT losing money while doing so.

Did you know that if you break down security into its simplest form, there are only three types? Now, there are lots of products to fulfill this, but, if you take care of these three categories, you are ready for almost anything. 

Left of Boom | Proactive

This seems to be the one that a lot of people miss. It is like when I knew my mother was coming over to visit and we cleaned the house from top to bottom to make sure it passed her white glove test. (Unfortunately, this is a true story.) :-) 

You are proactively cleaning the environment on a regular basis and putting tools in place to "prevent" an issue and not deal with an active one. These include things like Vulnerability Management, Email Security, Back-Up, and Security Awareness Training. 

Also Left of Boom (or a Simulated Center of Boom) | Proof of Security or Testing

This IS my mother coming over and checking in places we would have never thought to clean and running her finger over things, making me feel less than and like I could never do anything...oops...sorry, I will save that for therapy.  

This category includes things like Penetration Testing. Are all your proactive measures working and doing what they are supposed to be doing, or do you need to adjust something? You need to always test to make sure what you are doing is working before the bad guys test for you.

Right of Boom | Reactive 

This is when my mother calls and says, "Honey, I am in the area, and I am dropping by." We implement our emergency cleaning plan. In other words, this is EDR, MDR, SOC, etc. No matter what you do and how you test, nothing is perfect, and something is going to make its way through and, therefore, you need to have something in place to react and catch it. 

It really is that simple. There are A LOT of tools on the market that do these types of things, and I cannot tell you what to use (except for Vulnerability Management) :-). However, if you are taking care of these three categories, you are well on your way to having a complete security stack.

So go out there and go crazy! Go left, go right, stand in the center, and know that no matter where you are standing, you are not wrong being there.

As an extra bonus, here is a visual to explain this in an uncomplicated way: