The Realization Security is Not Built-In
February 21, 2017
The cyber threat landscape is a scary one and it is not getting any better.
After spending over 15 years in different areas of technology with large organizations such as Oracle, Microsoft, Nortel, I just assumed that security was built into everything and all aspects of a company are secure.
You know what they say when you assume.
Since joining a company where cyber security is top of mind , I have found that it is a very broad industry with moving and evolving targets. It’s a continuous game between those trying to steal information and those trying to protect it. Whether we are defending against ransomware, phishing attacks, unauthorized access to networks, or some other industry buzz word, we are in a constant state of protecting our customer’s most sensitive data.
The security market is full of great tools and ideas. Recently, we have seen a trend with customers “getting back to the basics” to provide the best core defenses before moving on to the advanced technologies. Many of our conversations start at the below areas. Once an established process is in place, then they are able to move into specialized security solutions.
Here are the top 4 “back to basic” areas I have seen as most critical is securing an organization:
- True visibility – who is on my network? Do we currently manage that device/person today or is it an unmanaged or guest (invited or uninvited)? What data is on my network and where is that data going?
- Secure and Monitored Access – once we understand who is on the network, what are they trying to access? Are they accessing privileged or confidential information? Are they even supposed to be there? Are we exposed to threats like ransomware or other advanced (and expensive) threats?
- Relevant Alerts and Incident Notification– how do I deal with all of the alerts that are hitting all of my tools on a daily or even hourly basis? Which ones are actual threats to me? How can I decipher the different alerts?
- People and Resources– with all of the great IT and Security people in the marketplace, there just never seems to be enough. How do companies keep their current team involved in strategic initiatives as opposed to just ‘keeping the lights on’? Can they challenge their team with cutting edge solutions, but at the same time protect our most critical assets? What solutions are best to keep in-house and what is best to outsource?
Thankfully there are great solutions and security partners that allow for us to protect and secure our customers’ most important resources. Although the cyber threats change at a rapid rate, there are many great minds working to block them and protect companies from attacks.
Want to see if your network has these basic security priorities covered?
Posted in Cybersecurity Technology, Security (Legacy)