Imagine that one day you wake up and find out that your leg has fallen off. Firstly, you’re going to try and glue that bad boy back on straight away (or however medicine works). But it would probably be best to check your body regularly and detect the illness in your system before it gets to a ‘limbs falling off’ place. And Eric Cole – SANS Institute fellow and general security guru – says the same is true for our security online.
The main focus of Cole’s keynote speech at Infosecurity Europe 2014, which draws to a close today, is that we should be doing more to detect and prevent cyber threats, and that we should move the focus from neutralising known threats to finding unknown ones. He (conveniently for my analogy) also likens cybersecurity to getting ill: it’s going to happen to all of us at some point, so we may as well accept it and focus on minimising the frequency and impact when it does.
Most of his advice revolves around understanding your network; just as knowing your body helps you realise something’s wrong and how to fix it, if you don’t know what’s on your network you can’t effectively defend it.
Cole has come up with ‘four core fundamentals’ for winning at security.
1. To transform your cyber defence strategy, you first need to identify all information assets by drawing up an inventory. So basically – know as much as possible about your system.
2. Improve configuration management capability. Cole says: “If you do not know how devices on your network are configured and set up, you cannot know how to protect and secure them.”
3. Ensure you have sufficient change control capability to manage change in the IT environment.
4. Focus on network segmentation, isolating critical systems and therefore making it difficult for attackers to move laterally in an organisation. Much like if your appendix exploded, you’d want it kept away from your lungs.
Doing these things, he says, will help pre-empt attacks and vulnerabilities, and catch and control them once they’re in.
Being proactive with online security is vital nowadays, and as security threats get more complex and common, we can’t just sit on our virtual laurels anymore. Cole suggests that most organisations aim too high with security because they think they already have the basics covered, but if they dig a little deeper they’ll realise their foundations aren’t secure.
Create tools to increase security visibility within your system so you can see where the holes are, and which departments in your organisation aren’t pulling their weight. Apparently 70-80% of threats come from one or two departments within a business and they’re usually problems of non-compliance.
To help with this, he says more businesses need someone translating between the higher business people and the security tech-speak to ensure that the leaders don’t just ignore the issue. And it’s true that it’s easy to hope for the best, with an ‘I don’t understand it, and it will never happen to me’ attitude; but that might be hard to say when your face has fallen off, so look after your system and start detecting today!