How To Not Do The Bad Guys' Job For Them In Cyber Security
When you think about cyber security, you need to look at the problem from the perspective of an adversary. If someone is trying to access your network, they operate as an opponent. Consequently, you need to avoid doing the bad guys' job for them. Many cyber security solutions providers tend to focus on these four areas of concern when they prepare for projects.
You want to make sure no human or machine user can access more resources than necessary for their task. Cyber security management professionals always turn off administrative privileges for all users. Even the folks doing the security work use a limited model where they have to log in and then escalate their privileges for specific tasks.
Notably, this applies even to your employees. First, you should never assume an employee can't pose a threat for personal or financial reasons. Second, even a well-meaning employee can accidentally cause cyber security problems. Finally, a hacker might target an employee and use their credentials. If that happens, you want the credentials to be capable of causing the least damage possible.
Update Software Regularly
Major exploits often focus on recently discovered problems with software. Hackers follow security news closely, and you have to do the same. If they see a zero-day exploit, they'll be trying it out on Day Zero. If you don't patch the system until Day One, you may be too late. Cyber security management professionals use automated systems to keep updates rolling out as soon as companies post them.
Retire Hardware on a Schedule
Bad actors are increasingly interested in hardware exploits like Meltdown and Spectre that target processor architecture. Companies make major investments in hardware and are reluctant to move off systems any sooner than necessary. Worse, many organizations keep systems running long after obsolescence.
You probably won't swap out key hardware systems the moment an exploit appears. However, you shouldn't keep old systems running past their expected life spans. Retire hardware on a schedule to minimize the odds something exploitable will be lurking in the server room.
Map and Monitor Your Network
Even at fairly small organizations, the number of network appliances and computing resources can get cumbersome. Particularly with the rapid addition of phones and tablets to networks, there are simply many points of possible compromise.
Map your network so you know what's there. Boot off anything that shouldn't be there. Likewise, monitor the network so you can catch early signals if a system is compromised.