In construction, builders combine carefully chosen materials to create secure foundations for physical structures. In cybersecurity, we combine carefully selected controls to create secure foundations for business environments.
Over the past year, new cyber threats, combined with shifting business requirements caused by the pandemic, have been shaking this foundation. Security professionals must master new tools, platforms, and architectures while striving to maintain a high level of security and situational awareness for their business and their customers.
For me, the past year confirmed that the only way to move forward with an effective security strategy is to rely on a strong foundation. Here are five ways to make this happen:
1. Know what you are securing
The objective of security is to ensure that your critical assets are protected against the basic risks: loss of confidentiality, integrity, and availability.
The first step in achieving this is to determine and track the assets that must be protected. This includes maintaining an inventory of the hardware and software as well as the classification level of the information that is transmitted, processed, and stored by them. The inventory must also include an official owner for each asset. Their responsibilities and the assets under their control should be verified at least annually.
2. Keep security up to date
One of the most common cyberattack vectors remains the exploitation of known vulnerabilities in operating systems and applications. To combat these attacks, stay on top of the maintenance level of your hardware and software. Unsupported components should be upgraded or replaced as soon as possible. Conduct vulnerability scans of the full infrastructure monthly, and correct issues as soon as possible. Ensure your scans include third-party products and applications.
3. Maintain access control protocols
During emergencies and periods of change, there is much pressure to swiftly grant access to resources and applications that would normally require further security investigation. This is especially true for administrative and other forms of privileged access.
Remember that every active account is an entry point into your business. To protect your organization, frequently verify that all the access you have provisioned is approved and necessary for the holder to perform job responsibilities. Remove unneeded privileges and disable unused accounts as soon as possible. Always check for newly created access that bypassed normal processes; this may be evidence of a cyberattack in progress.
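The access review described above can be automated by reconciling the account directory against approval records. The following sketch is an added example, not from the original article; the field names, sample accounts, and the 90-day and 30-day thresholds are assumptions chosen for illustration.

```python
from datetime import date, timedelta

# Constructed sample data. Field names, dates and thresholds are assumptions.
ACCOUNTS = [
    {"user": "alice", "privileged": False, "created": date(2020, 3, 2), "last_login": date(2021, 2, 20)},
    {"user": "bob", "privileged": False, "created": date(2019, 6, 10), "last_login": date(2020, 9, 15)},
    {"user": "carol", "privileged": True, "created": date(2020, 1, 15), "last_login": date(2021, 2, 27)},
    {"user": "svc_backup", "privileged": True, "created": date(2021, 2, 22), "last_login": None},
]
# user -> date the access request was approved (constructed)
APPROVALS = {"alice": date(2020, 3, 1), "bob": date(2019, 6, 5), "carol": date(2020, 1, 20)}


def review_access(accounts, approvals, today, unused_days=90, new_days=30):
    """Return (user, privileged, reasons) for every account needing follow-up."""
    findings = []
    for acct in accounts:
        reasons = []
        approved_on = approvals.get(acct["user"])
        age = today - acct["created"]
        if approved_on is None:
            reasons.append("no approval record")
            if age <= timedelta(days=new_days):
                # New and unapproved: treat as a possible sign of intrusion.
                reasons.append("recently created outside normal process")
        elif approved_on > acct["created"]:
            reasons.append("created before approval")
        # An account that never logged in is measured from its creation date.
        last_seen = acct["last_login"] or acct["created"]
        if today - last_seen > timedelta(days=unused_days):
            reasons.append("unused")
        if reasons:
            findings.append((acct["user"], acct["privileged"], reasons))
    # Privileged accounts first, since they carry the most risk.
    return sorted(findings, key=lambda f: (not f[1], f[0]))


if __name__ == "__main__":
    for user, privileged, reasons in review_access(ACCOUNTS, APPROVALS, date(2021, 3, 1)):
        print(f"{user:12} {'PRIV' if privileged else 'user'}  {', '.join(reasons)}")
```

In practice the two inputs would come from a directory export and the ticketing or identity-governance system that records approvals.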
4. Strengthen customer relationships
The pandemic has impacted everyone. More than ever, it is important to understand the changing requirements of both internal and external customers. Their perceptions of current risks to their businesses and of new tools and technologies to help them grow are very important. Provide timely and relevant awareness messages, highlighting the current state of global security. If security is not an effective partner helping to drive the process, it will be quickly forgotten.
5. Observe carefully
A famous baseball coach once said, “You can observe a lot by just looking.” Make better use of the logs and reports provided by the systems and applications running your business. Define baselines and metrics that describe security health. A change in activity patterns or metrics may be an early indicator of trouble brewing. Develop, maintain, and test a practical security incident management plan so you will know what to do if faced with a real incident.
Composing a secure foundation isn’t easy in the best of times. While these five tips may not be as exciting as hunting for hackers or implementing a sophisticated security information and event management (SIEM) system, they are the building blocks of a strong foundation and offer the best way to move organizations forward safely.