Five safety concepts that have been tested over decades

Although security recommendations for software and hardware have been iteratively updated over the past few decades, there are still some basic security recommendations that have withstood the test of time and have always played as important a role as they did in the 1980s. .

One thing we all know is that the data security industry has been in a state of rapid development over the past three decades, starting with "show-off attacks" in the 1990s and 2020s. at the beginning of the 20th century) to later attacks for “monetary purposes” and “hacktivism”, to the current more destructive nation-state hacking movement targeting governments, businesses, and public infrastructure.

As these threats escalate, the security needs of enterprises also begin to grow. We are witnessing the emergence of many new technologies - from antivirus software and firewalls to data loss prevention and log management to next-generation SIEM (Security Information and Event Management) and threat intelligence, all of which promise to help us solve current problems. network security dilemma.

In the past few years, we have experienced basic client-server solutions, network-centric, server-centric, workload-centric, cloud-centric, file-centric, and even started The rise and fall of various block-centric security proposals.

However, among the many suggestions that have appeared and disappeared, we have found some basic security concepts that have stood the test of time. The following are five security perceptions or concepts that have successfully withstood the test of time:

1. Money is not everything

For many years, enterprises have been passively fighting advanced malware and While cybercriminals battle new security challenges and regulatory requirements, they are equally reactive: companies spend money buying new technologies and hiring more employees and partners to manage them. This approach ultimately created an enterprise security crisis because security teams had no idea what assets the company owned and the infrastructure was bloated and difficult to manage.

This reactive security strategy not only wastes money, but also results in a mishmash of point solutions in the IT infrastructure that often do not work in harmony with each other. Many times, this leads to cracks in the network foundation that companies thought they had built successfully, leaving opportunities for cybercriminals to gain access. Facts have shown that more safety spending does not always translate into fewer safety incidents.

Organizations must rethink how they approach security spending. Before every new product purchase, companies must carefully weigh their need for the best technology and its importance to building a secure infrastructure. To deal with increasingly sophisticated cybercriminals, enterprises must transform their security infrastructure and operations from reactive, unwieldy, and product-centric to one that is planned, predictable, and centered on optimization and orchestration.

2. People are the weakest link

Security advocates have been warning about the dangers of “insider threats” for years. Malicious employees and other insiders who want to steal corporate data gain unauthorized access to confidential corporate systems and servers and execute malware to compromise corporate networks. There are of course surprises, such as an employee mistakenly storing confidential data in the cloud, in an unintentional but equally damaging way.

Now, there is a third factor that can exacerbate this insider threat: a chronic shortage of cybersecurity skills that makes it extremely difficult to hire sufficient resources to manage such a complex infrastructure. As a result, IT teams suffer from burnout (a state of physical and mental fatigue and exhaustion that individuals experience under the pressure of work), which ultimately leads to gaps in security defense. This explains why so many data breaches are caused not by carefully deployed cyberattacks but by simple human error, including misconfigurations, unpatched systems, and other basic hygiene factors.

What companies need is not “more” but “right”—the right security strategy, the right infrastructure, and the right security policies and procedures. Optimizing your cybersecurity portfolio is the first step businesses must take to make security simpler, easier to manage, and less expensive, taking the burden off security professionals and allowing them to prioritize more protective and business-friendly tasks. More advanced tasks of value.

3. Employees can be the first line of defense

Although employees may pose serious security risks to an enterprise, they can also become the first line of defense against cybercriminals. The most effective way to help them achieve this role is to create a strong cybersecurity culture that encourages and rewards employees for security awareness and safe online behavior.

If employees understand their importance in maintaining the company's network and data, they will be more inclined to fulfill their responsibilities and comply with company policies. Therefore, it is important to organize cybersecurity education and training programs that teach employees about cybercriminals’ attack methods and tactics, such as ransomware and phishing, and how to respond when a threat is discovered.

In addition, it is equally important to clearly explain how employees manage their online activities and define "acceptable" and "unacceptable" access to and use of company networks, software and devices. In order to promote cybersecurity behavior practices and mobilize employee participation, companies can consider developing reward programs, holding monthly knowledge contests, or launching gamification projects.

Building a strong cybersecurity culture based on awareness, training, and clear security policies takes a lot of time and effort, but the end results will prove that all the upfront investment is worth it.

4. The role of vulnerability fixing cannot be ignored

In the era of next-generation network security tools, vulnerability fixing may seem like a trivial task, but it is undeniable that it is powerful Meltdown and Specter vulnerabilities have proven this fact to us as an integral part of cybersecurity plans. The level of effort required to fix Meltdown/Specter vulnerabilities is likely to increase exponentially compared to previously prevalent vulnerability remediation efforts.

Factors that contribute to differences in vulnerability remediation efforts include the number of patches required, the complexity of putting the right patches on the right systems, and understanding the performance and stability of the patches on affected systems and applications. Impact required testing, etc. The patch management problem is exacerbated by companies' inability to update older equipment, since patching older systems is more difficult than fixing newer systems.

In an era of rapid iterations of new product updates, enterprises must focus on basic issues and put basic security technologies and processes (such as vulnerability fixes) in the best position to minimize risks. , maintain infrastructure security, and clarify the current chaos.

5. Security is a business issue

Chief information officers (CIOs) and chief information security officers (CISOs) have historically struggled to get into senior management and boardroom roles. One of the main reasons for this is their inability to articulate their business in a way that other executives and board members can understand; they also cannot relate security spending to the company's overall risk profile. As a result, they also struggle to ensure the efficiency of business operations as strategic decisions are made with little or no security input.

Although the problem has been around for years, security is still an immature area in many companies. Safety managers must use visual data and key performance indicators to begin reporting on their operations in understandable and meaningful ways. Budgeting and measuring security operations in a consistent manner with other business units will help security managers play a more prominent role in business strategy and planning, while enabling enterprises to accurately link security investments to risk profiles. .

Beyond that, being able to speak the “language of the business” will be the single most important factor in helping security executives gain C-suite and board seats.