Welcome to our new series, Cybersecurity Monthly, where we’ll be presenting you a round-up of updates from one of Impact’s security experts, vCISO Humberto Gauna.
You’ll learn about trends and strategies for SMB security and how you can improve your organization’s approach to ensuring the best cybersecurity practices.
Take a look!
Cybersecurity Monthly: March 2021
Hi there! I’m Humberto and I’ll be walking you through my tips over the last month, so get your cup of joe on the go and let’s dive right in once again.
Prioritization is our first concern. We often get focused on the technology side of cybersecurity. According to the 2020 DBIR, the three actions most responsible for incidents and breaches are hacking, social engineering, and error.
What isn’t really clear, the definition of error. Is it misconfiguration, misuse of privileged access, or just poor security education?
In my opinion, it is all of the above!
This is where the prioritization exercise comes to play, in addition to data analytics. We often focus on measuring against our peers or competitors. This approach is dangerous, as it really isn’t a like-for-like comparison. Everyone is different and should be measured as such. Finding or creating the “common denominator” is key in this exercise.
Your prioritization should be defined by your own SWOT analysis. I had been doing this for a while, I just hadn’t learned of the formal process until last year. Strength, weakness, opportunities, threats. I would recommend the priority be items in the threat, weakness, and opportunities, that also align with resource availability and usage.
What I mean when I say availability and usage of resources is: what can you do now with minimal effort and have a high return?
The answer to this in a lot of cases will be to educate your workforce. Consider enrolling them in programs which can help them become more aware of data security and better at safeguarding themselves and the devices they use.
What Is a Hacker?
What is the true meaning of #hacker and how has the media has misused that term?
Coming from the word “hack” which is to cut, notch, slice, chop, or sever. A hacker is someone that does the aforementioned. In slang, a hacker, or a hack, is someone who accomplishes a task with little or no skill.
When looking at the etymology of the word “hack” it is most definitely aligned with the above definitions. Though interestingly, in 1812, the use of the word “hack” as an adjective, was used to describe a mercenary.
Fast forward to 1984, it is used to describe persons who illegally enter systems. So, if you take a look at the above, the only connector to the word is that of a mercenary, right?
Not in my opinion. Hackers, by nature, take things apart (cut, notch, slice, chop, sever) to understand the inner workings and how things work or don’t work when pieced together. Lifehack is a form of this concept, making life easier by taking something apart and using it for something else.
Hackers are by no means doing common or routine work, though based on recent events, it does seem common.
Appropriation and misuse of the word have now been culturally accepted.
We in the cybersecurity industry have a problem; cybersecurity tends to overcomplicate solutions before the basics are in place. This is why cybersecurity assessments are important.
In my career in the Marines, I have had to teach physical responses against threats. We always start with the basics, make sure every response is done correctly—train properly and repeat until every movement is an automatic response.
The same principal applies in cybersecurity; if your team does not know how to respond to threats, the result may be less than optimal, to put it mildly. Keep in mind that threats aren’t always coming from the outside. Threats are also complacency, disregard, speed, and most of all; lack of direction.
One of the overused phrases in training—slow is smooth, smooth is fast. The phrase translates to: make every move count, make every move deliberate, don’t make mistakes. In other words; make sure you’ve got a great strategy combined with a great tech stack and good protocols for security.
Protecting the SMB enterprise is a challenge from two fronts. But they are both related to one thing.
SMB security takes time, strategy, and the right circumstances.
What are those right circumstances? The top leadership of that organization needs to understand the risk and decide how to address it in a risk management framework.
When an organization works through the process, they will realize that in order to implement a solid security program, they need resources. It isn’t just the tools or technology that make a program successful.
Resource sharing and expertise may be an option for you, but working with a managed security service provider (MSSP) to shift the task of sourcing the cybersecurity personnel, training them, and keeping up with threat intelligence that will help keep your business safe if highly recommended in today’s cybersecurity environment.
Select an MSSP that is able to understand your goals and is able to work with you as a partner, not just a vendor.
That’s all from Humberto this month. To learn more about cybersecurity, you can watch our 2020 Cybersecurity in Review webinar, where Humberto joins Impact’s Director of MIT Security Services, Jeff Leder, as they assess 2020 from a security perspective, analyzing the biggest breaches and providing valuable insights into what businesses can do better. Watch here.