SO WHAT TO DO

When you are losing a war, you need to develop a better battle plan (security strategy), obtain
bigger weapons (better tools) and secure more troops. There is no single magic bullet. We need
to dig in, fill in holes, use stronger security technology and be better. Assess the good, the bad
and the ugly and work with business leadership to understand what is needed and more
importantly, why it is necessary.
1. Analyze what is working and what is not. Old outdated security infrastructure simply
cannot keep up with the latest threats.
2. Build a strategy that can protect your company from current and future threats. Ensure it
is robust, fault tolerant and not dependent on human frailties. Use security in depth.
Don’t settle for a system that is merely difficult to hack; build one that is near impossible.
3. Change what you are doing. Eliminate what is not protecting you. Add new technologies
to keep in the game. Put processes and governance controls in place to make sure that
your infrastructure is always on-line, working and that changes do not create new
vulnerabilities.
4. Do not assume you are smarter than hackers or that commercial tools will automatically
provide protection. Design, with the assumption that any visible system is at risk of
attempted hacks. Use strategy to thwart attacks before they happen. Always assume: if
they can see it they will try to hack it.


WHAT IS NOT WORKING

The current paradigm assumes that if you have a firewall on your network, passwords on
everything and anti-malware on your computers that you have security. Nothing is farther from
the truth. So many large important companies have been hacked recently that the public is
becoming complacent, and almost numb to hearing about it. They all had some kind of IT
security in place.

Examples of failures include:
1. Trusting an employee to recognize a phishing email and not click is a lost cause.
2. Lacking protection against threats from your own disgruntled employees.
3. Passwords have reached old age. Assuming all users will choose unguessable
passwords or forcing complexity that makes users write them on Post-it notes is
hopeless.
4. Social engineering is here to stay. We need to assume all people are subject to
manipulation and design accordingly.
5. Firewalls with rules so complex that only one person in the business understands them. How
can they be relied upon if no one is testing that they work as needed?
6. Antivirus tools that stop malware only after a few days of analysis. What happens during
those few days between receipt, analysis and action?
7. Administrators with the ability to change anything at will, with passwords that only they
know. Will this pass the litmus test during an audit?
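Item 5 above argues that a firewall rule set nobody tests cannot be trusted. The following example, added here and not code from the article or from Cyber Defense Magazine, shows the minimum a defender needs to change that: a model of an ordered, first-match rule set and a written-down table of expected decisions that can be re-run after every change. All networks, ports and rules in it are constructed sample values, and the rule ordering defect it catches (a blanket deny placed ahead of the exception it was meant to carve out) is a hypothetical illustration.

```python
"""Added example, not code from the article: a minimal model of an ordered,
first-match firewall rule set plus a table of expected outcomes, so that the
rule set can be tested automatically rather than trusted to the one person
who understands it. All networks, ports and rules below are constructed
sample values."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    src: str              # source network in CIDR notation
    dst: str              # destination network in CIDR notation
    proto: str            # "tcp", "udp" or "any"
    dport: Optional[int]  # destination port, None matches any port

    def matches(self, src_ip: str, dst_ip: str, proto: str, dport: int) -> bool:
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", proto)
                and self.dport in (None, dport))


def evaluate(rules: List[Rule], src_ip: str, dst_ip: str, proto: str, dport: int,
             default: str = "deny") -> str:
    """First matching rule wins; traffic that matches nothing gets the default."""
    for rule in rules:
        if rule.matches(src_ip, dst_ip, proto, dport):
            return rule.action
    return default


# Each case: (src_ip, dst_ip, proto, dport, expected action).
Case = Tuple[str, str, str, int, str]


def audit(rules: List[Rule], cases: List[Case]) -> List[Tuple[Case, str]]:
    """Return every case whose actual decision differs from the expected one."""
    failures = []
    for case in cases:
        src_ip, dst_ip, proto, dport, expected = case
        actual = evaluate(rules, src_ip, dst_ip, proto, dport)
        if actual != expected:
            failures.append((case, actual))
    return failures


# Constructed sample policy: the blanket deny to the database subnet is placed
# BEFORE the exception for the application servers, so the exception never fires.
BROKEN_RULES = [
    Rule("deny",  "0.0.0.0/0",   "10.0.2.0/24", "any", None),
    Rule("allow", "10.0.1.0/24", "10.0.2.0/24", "tcp", 5432),
    Rule("allow", "0.0.0.0/0",   "10.0.1.0/24", "tcp", 443),
]

# The same rules with the exception ahead of the blanket deny.
FIXED_RULES = [BROKEN_RULES[1], BROKEN_RULES[0], BROKEN_RULES[2]]

# Expected behaviour as written down by the policy owner (constructed values).
CASES: List[Case] = [
    ("10.0.1.5",    "10.0.2.10", "tcp", 5432, "allow"),  # app server -> database
    ("203.0.113.9", "10.0.2.10", "tcp", 5432, "deny"),   # internet -> database
    ("203.0.113.9", "10.0.1.5",  "tcp", 443,  "allow"),  # internet -> web tier
    ("203.0.113.9", "10.0.1.5",  "tcp", 22,   "deny"),   # internet -> SSH, default deny
]

if __name__ == "__main__":
    for name, rules in (("broken", BROKEN_RULES), ("fixed", FIXED_RULES)):
        failures = audit(rules, CASES)
        print(f"{name}: {len(failures)} failing case(s)")
        for case, actual in failures:
            print(f"  expected {case[-1]!r}, got {actual!r} for {case[:4]}")
```

Run against the deliberately misordered set, the audit reports the application-server case as denied when it should be allowed; after the two rules are swapped every case passes. The point is the table of cases, not the toy evaluator: once expected decisions are recorded in a form anyone can run, a rule change that silently breaks them is caught before it reaches production, whether or not the one person who understands the rules is available.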



70 Cyber Warnings E-Magazine – March 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
