There is a great deal of noise around the increasingly sophisticated threat that attackers now pose to organisations, and the restricted IT budgets with which to fight back. So much so that you’d be forgiven for thinking that IT professionals should just lay down and hand over organisations’ data to cybercriminals.
However, this is not the case. Sure, attackers are now better funded and therefore better equipped than ever before, but IT professionals have weapons in their arsenal to combat the threat. For all the foreboding talk of some David and Goliath-esque fight between IT professionals and attackers, there are steps to ensure that, much like the story, the underdog prevails.
Establish a plan
While it may not be the most exciting piece of advice you’ll ever receive, developing a security framework may just save your company from the financial and reputational catastrophe that a breach can cause. This security framework shouldn’t be set in stone, however, and your security expert or team (more on this later) should be willing and able to re-evaluate as time goes on. After all, cybercrime is constantly changing. Organisations need to adapt quickly, reassessing their security policies and procedures every six to nine months to help ensure everything is up to date and in-keeping with the current threat landscape. Above all else, have more than a single point of security every chance you get. This will help to deter the low-hanging fruit most hackers go for. Establishing a framework and leaving it unchecked is the equivalent of leaving your front door ajar—it essentially invites attackers in.
Assemble your security A-team
The protection of sensitive information must be a top priority for IT professionals and their organisations, and it’s vital they remain more vigilant than ever when monitoring applications containing such information. This increased focus is a necessity, given how sophisticated and rapacious attackers can be. For example, attackers now use automated network searches to locate areas within an environment that can be breached and stolen from.
One of the best ways for an organisation to equip itself against this threat is to establish a security team. A security team doesn’t need to be made up of security experts, as this would be too costly for many companies. However, a basic-level security team made up of IT administrators and IT professionals can provide the extra eyes and ears required to ensure vigilance.
Once your team has been established, organisations should look to deploy a comprehensive monitoring toolset—one that outlines a baseline of performance across networks, systems and databases. By understanding how the infrastructure should behave, the team will have a reference point to check when something appears to be going wrong. If something is amiss, the team has the security framework in place, which should offer a pre-determined response plan to help quickly remediate the issue at hand.
Use every tool at your disposal
The internet is a wonderful, terrifying thing. It contains endless joys, such as adorable animals being rescued from seemingly hopeless situations, and unbound misery, the likes of which it’s probably best not to elaborate on. While attackers are using online resources for malicious purposes, IT professionals can use similar tactics to provide protection to their organisation, establishing a good that counters the bad.
For IT professionals overwhelmed by the new threat landscape, there is no limit of free, readily available resources that can be leveraged to help protect their organisations. From online communities where IT professionals offer advice and share stories from the trenches, to information on the latest patches, IT professionals should both take advantage of and contribute to these resources, as they can be an invaluable resource in the ongoing fight to protect their organisation.
Your organisation’s end-users aren’t out to get you (well, at least most of them aren’t!), but you should probably keep an eye on them, just in case. This may sound paranoid, but a lack of end-user education can be extremely damaging to your organisation and directly contribute to a breach. In fact, the SolarWinds IT security U.K. survey found that inadequate end-user training was one of the top three factors for organisations becoming increasingly vulnerable to cyberattacks.
Again, this doesn’t necessarily mean a malicious attack from an insider threat. Something as innocuous as an employee opening an email from an unknown source, or falling victim to a phishing scheme that introduces malware could introduce vulnerabilities into an organisation. It could even be a result of an employee bringing a new, unsecure device to the network—something that is occurring more regularly thanks to growing trends such as BYOD.
All of these vulnerabilities occur due to a lack of education—with employees not understanding the level of risk they are inadvertently posing an organisation, and how they are doing so. IT professionals should be proactive and transparent about informing organisations—from top to bottom—about weaknesses that could be exposed by careless end-users and how this can be prevented. By offering education, organisations can be more confident that if a threat occurs, it hasn’t come from within.
Maintain accountability through compliance
Implementing compliance software is the best way to help ensure accountability, allowing IT professionals to address vulnerabilities through an easy interface, and enabling them to manage patches and log event management.
Compliance software proactively monitors for security vulnerabilities and offers alerts when an issue needs to be addressed, providing a safety net for IT professionals who can rest easy knowing they will be informed if a vulnerability appears and they are at risk. For example, if your organisation simply doesn’t have the resources to implement a security team, compliance software can help pick up vulnerabilities, such as late patches, so that IT professionals aren’t stretched any thinner than they already are.
While IT pros may still be considered underdogs in the fight against cybercrime, tools are available to help ensure their organisations are protected, and that attackers are repelled. By following the above steps, IT professionals stand in good stead to keep fighting the good fight.
By Destiny Bertucci, Head Geek™, SolarWinds