Welcome to a new series, Cybersecurity Monthly, where we’ll be presenting you a round-up of updates from one of Impact’s security experts, vCISO Humberto Gauna.
You’ll learn about trends and strategies for SMB security and how you can improve your organization’s approach to ensuring the best cybersecurity practices.
Take a look!
Cybersecurity Monthly: February 2021
Hi there! I’m Humberto and I’ll be walking you through my tips over the last month, so get your cup of joe on the go and let’s dive right in.
Last month, the law enforcement community had a win. The Emotet C2 malware network thought to originate in Russia was dismantled. Here’s my take on the situation.
First off—how does this happen? It isn’t like the dark web is a permissive place to go for law enforcement personnel. Just as getting into any federal building is nigh impossible (or so we thought), getting into the heart of criminal organizations on the dark web has background checks of its own to weed out federal agents.
In my opinion, a coordinated effort by multiple agencies was completed based on the same conclusions by independent investigations. Cyberforensics concluded what the data flow was and what the common denominators were regarding the operation to help them track and shut it down.
This is why it’s so important that those who are victims of ransomware report and submit forensic evidence to get this information. You can report internet crimes (cybercrime) directly to the FBI here.
To reduce your risk, understand the tactics, techniques, and procedures (TTP) of the threat. Become members of intelligence-sharing groups and ensure your subject-matter experts (SME) are members and using that intelligence to provide recommendations to your internal staff. This is where a vCISO or cybersecurity consultant can be of huge benefit to a business.
Predictions for 2021
Let’s talk about predictions, because we are about to see a whole bunch. Some of us are cautious about providing specific predictions as to reduce fear, uncertainty, and doubt.
Other predictions are an increase in the effect of what we’ve previously observed. Ransomware, for example, was bad in 2020. The prediction and trends suggest that it will get worse. The complexity of ransomware; the tactics, techniques, and procedures will obviously change and develop as attackers find new vectors.
We are in a game of whack-a-mole with several threat actors and judicial requirements. We make a move to adjust, threat actors make two moves.
They don’t follow the rules, so we must stay ahead of them. I provided some tactics and procedures in our Impact Networking, LLC Webinar, which you can watch by following the link below.
I do look forward to a future webinar on how our services can help you! I am here to provide help on how to manage risk and reduce the effects of threat actors.
What’s Your Security Strategy?
I’m often asked by people about what exactly is a cybersecurity strategy and how can one be implemented it into an organization.
The short answer is that strategy is an action that managers take to attain one or more of the organization’s goals. As far as cybersecurity is concerned, this means that in order to achieve best practices, you should review policies and procedures by implementing KPIs against measured tasks.
Strategy doesn’t necessarily specify how or which tools you will use—that is an operational task; unless of course that your strategy is to become a vendor shop!
Businesses should be asking themselves clear, key questions that define how they go about their cybersecurity. The key items here are Cybersecurity best practices, policy and procedures, and KPI.
- What best practices are you implementing and why?
- How do you document your decisions?
- How are you evaluating your efficiency, go or no-go criteria?
If you aren’t gaining efficiencies in your security program by implementing something new, then the investment was not worth the time and effort.
Cybersecurity should be a business enabler and not strictly a cost center. By defining your strategy, it will guide you to not chase the latest gadget—particularly tech your business doesn’t need.
Consider Hiring a Consultant
Words matter when tied to actions. The goal of hiring a consultant is to receive recommendations and guidance to achieve a specific goal and roadmap for your ambitions. When you hire said person, have an objective in mind.
Cybersecurity can be a challenge when considering the following statement: “I want to be more secure than I am today”. Of course, this is what everyone wants, but consider instead: “I want to develop a process to continuously improve our organizational security.”
This statement limits the time it may take to deliver such a document by defining a long-term process and putting a much larger emphasis not just on the tech you want, but the practices and procedures, too.
This is where the experience and expertise are valuable. Building a program and knowing where the friction points may be will avoid growing pains and requires a cybersecurity consultant.
Another item to consider is the authority of the consultant. In normal situations, there is no authority; the consultant provides the information to internal teams to decide whether to execute or accept the risk. The organization retains authority and responsibility, and as such should dedicate resources to the project.
Evaluate what you are asking someone to do and ensure the results are measurable. Allocate the proper resources to make sure your expectations can be met and your business protected.
That’s all from Humberto this month. To learn more about cybersecurity, you can watch our 2020 Cybersecurity in Review webinar, where Humberto joins Impact’s Director of MIT Security Services, Jeff Leder, as they assess 2020 from a security perspective, analyzing the biggest breaches and providing valuable insights into what businesses can do better. Watch here.