Good question. A recent article in Tech Republic quoted a CompTIA IT Security Report that said that nearly half of IT managers believed their cybersecurity was “good enough.” This may be wishful thinking, or it may mean that many organizations have done the work to firm up their network defenses. What about your business or organization?
There are a few actions that any company can take to improve their cybersecurity profile. They are:
- Be proactive, not reactive. A lot of what passed for cybersecurity in the past was waiting for something bad to happen, and then reacting to it, a classical “break/fix” approach to security. To be effective, your strategy has to include staying current on threats to your organization and vulnerabilities on your network, and dealing with them before something happens.
- There is no perimeter. Perimeter defenses alone just don’t cut it when half your network is in the cloud. You also need to be looking at “east/west” traffic on your LAN, the activity inside your network, for patterns that could indicate malicious activity. Every email inbox has the potential to be a launch point for the next network intrusion, so focusing on the edge alone is no longer effective.
- Early detection. It used to be that most security efforts focused on preventing an intrusion. While prevention is still important, early detection of a breach has become more so. Maybe an IDS (Intrusion Detection System), IPS (Intrusion Prevention System) or a SEIM (Security Event and Incident Management system) would help.
Hiring your own cybersecurity professional to add to your IT staff may be impossible, since there is a 15% greater demand that supply of people with these skills. Your best bet may be to partner with an company that specializes in providing cybersecurity solutions to businesses like yours. This may be more economical in the long run than paying for full-time staff. Additionally, your cybersecurity partner could be tasked with the monitoring and analysis that goes along with solutions such as IDS, IPS, and SEIM systems.
In any event, if you haven’t added these initiatives to your network to-do list, you really should.Share
About the Author:I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com