What is your cybersecurity maturity level?
To find out, try to think first about your own network and your organization's current security posture.
Think about how proactive you are and whether you could do more right now. It may be that nothing critical has happened so far, but keep in mind that sometimes it's just a matter of time before your organization becomes the target of an attack.
The point is that every CIO / CISO needs to be proactive in order to eliminate potential threats or risky behavior. This simple attitude can drastically reduce cyber risk or at the very least, the organization will be better prepared for a security incident when one occurs.
While many organizations have excellent information technology teams that do a great job of configuring networks, configurations are often designed around functionality and performance with just a slight touch of security. Adding a few simple security activities leads IT toward further security improvements, and this is very important.
But how can this risk be reduced?
The answer is to perform proactive assessments periodically, such as:
1. Pen Testing
Penetration testing, depending on size and scope, can help identify unpatched servers that have exploitable vulnerabilities and find weaknesses through social engineering. Considering that the human factor is the weak link in any security chain, testing and educating employees should be at the top of the list of proactive practices.
2. Host Scanning and Assessment
Host Scanning and Assessment should not only include a scan for malware running on the system or residing statically on the drive, but should also include an assessment of the system and program settings that an attacker can use to move further through the network.
For example, it is not uncommon for administrators to unintentionally leave credentials in plaintext in configuration or batch files on servers. Although unintentional, this type of risky behavior can be the difference between a simple infection and the complete takeover of the network by a malicious intruder.
3. Log Analysis
Log Analysis is an extremely important part of a threat assessment. Firewall logs can show if there is suspicious traffic coming from an internal endpoint, even if the traffic is blocked at the firewall. This can help identify an indicator of compromise. Security event logs can also indicate potential remote desktop connections and brute force attacks on user accounts.
Also, the ability to respond to a security event and follow an intruder across a network depends greatly on the visibility of the network in the form of logging. Threat assessments often flag blind spots in network logging that could limit the ability to track an intruder or prevent analysis of the root cause of an incident.
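As an added illustration (not SAFEWAY's tooling and not code from this article), the firewall-log check described above can be sketched in Python: it flags internal endpoints whose outbound connections are repeatedly blocked. The key=value log format, the use of the RFC 1918 ranges as "internal", the threshold of three and the sample lines are all assumptions constructed for the example.

```python
import ipaddress
from collections import defaultdict

# Assumption: "internal" means the RFC 1918 ranges; adjust to your address plan.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample lines in a hypothetical key=value firewall log format.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z action=deny src=10.0.4.23 dst=203.0.113.50 dport=4444
2024-05-01T10:00:31Z action=deny src=10.0.4.23 dst=203.0.113.50 dport=4444
2024-05-01T10:01:01Z action=deny src=10.0.4.23 dst=203.0.113.50 dport=4444
2024-05-01T10:01:05Z action=allow src=10.0.4.11 dst=198.51.100.7 dport=443
2024-05-01T10:01:31Z action=deny src=10.0.4.23 dst=203.0.113.50 dport=4444
2024-05-01T10:02:00Z action=deny src=198.51.100.99 dst=10.0.4.5 dport=22
2024-05-01T10:02:10Z action=deny src=10.0.4.40 dst=10.0.9.8 dport=445
2024-05-01T10:02:15Z action=deny src=10.0.4.11 dst=192.0.2.15 dport=25
malformed line without fields
"""

def is_internal(addr):
    ip = ipaddress.ip_address(addr)  # raises ValueError on a bad address
    return any(ip in net for net in INTERNAL_NETS)

def parse_line(line):
    """Return the line's fields as a dict, or None if it is not a log record."""
    parts = line.split()
    fields = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
    if not {"action", "src", "dst", "dport"} <= fields.keys():
        return None
    return fields

def blocked_egress(log_text, threshold=3):
    """Internal sources with >= threshold denied outbound connections."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None or ev["action"] != "deny":
            continue
        try:
            if is_internal(ev["src"]) and not is_internal(ev["dst"]):
                hits[ev["src"]].append((ev["dst"], int(ev["dport"])))
        except ValueError:  # unparsable address or port: skip the record
            continue
    # Report the distinct (destination, port) pairs each flagged host tried.
    return {s: sorted(set(d)) for s, d in hits.items() if len(d) >= threshold}

if __name__ == "__main__":
    for src, targets in blocked_egress(SAMPLE_LOG).items():
        print(f"{src}: repeated blocked outbound traffic to {targets}")
```

Inbound denies and internal-to-internal denies are deliberately ignored here, so the output isolates the one host that keeps trying to reach an external address even though the firewall stops it.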
4. Assessing Practices
An assessment of critical practices and critical controls helps analyze daily processes and their associated risk, and examines the network architecture for security weaknesses that could be improved.
With this in mind, SAFEWAY has developed the Cybersecurity Health Check which is a diagnostic solution for the entire technology environment, using the intelligence of years of incident response investigations and current security trends to identify active threats and risky behaviors.
Consult us to learn more and how we can implement these practices in your business.