Light Dark
June 19, 2017 By Douglas Bonderud 3 min read
CISO

This week, we will experience the longest day of the year: June 21. For IT professionals, more daylight means more time to handle tasks on the back burner, start new projects or even — gasp — take a step back from the cybersecurity front lines. Here’s a look at some top contenders for security tasks worth tackling this summer solstice.

Address New Threats

The cybersecurity skills gap is real — and growing — with a potential shortage of 2 million positions by 2019, according to Forbes. As a result, chief information security officers (CISOs) and IT teams don’t always have time to dig deep on emerging threats while they’re trying to manage day-to-day operations and secure corporate networks.

If slower summer days permit, it’s a good idea to take a hard look at existing security infrastructure and see how it measures up against new threats such as ransomware — WannaCry, anyone? — machine learning-based social engineering and hacktivism efforts. In effect, this task comes down to reading up on new attack vectors and their potential impact.

Dig Into Alerts

Users don’t pay attention to security alerts, and the same goes for IT security professionals. As noted by Phys, users ignore security alerts up to 90 percent of the time, often because they’re attempting to complete multiple tasks at once.

Despite their job description, security experts are at increased risk, since many alerts are effectively false positives and staff members can’t spare the time investigating every single one. If the solstice permits, it’s a great time to tackle the task of determining which alerts are actually useful and which need to be scaled back to avoid the problem of oversaturation.

Resecure Routers

Next on the list of security tasks for this year’s longest day is routers. Compromising a router allows access not just to a single computer, but often an entire network, making it difficult for IT professionals to track down and eliminate all sources of infection and mitigate total damage.

But despite the risks, many companies don’t bother to change stock passwords and login credentials when they roll out new routers. For cybercriminals, this is almost too easy — they can simply use “admin” as the username, visit a site that collects default router passwords to gain entry, and wreak havoc. Security professionals can virtually eliminate this problem by updating all router usernames and passwords.

Handle the Human Factor

While technical safeguards may be circumvented by attackers to gain network access, employees remain a weak point in the cybersecurity equation. According to a study by the School of Comupter Science and Informatics at De Montfort University, half of all analyzed breaches had “human error at their core.”

If security professionals find themselves with a few extra hours this June, take the time to examine staff behavior. Are they clicking on malicious links or opening unknown email attachments? Do current security policies do enough to address these practices? Do staff members have enough knowledge to steer clear of potential risks?

Update Old Software

Windows 7 was a significant avenue of attack for the recent WannaCry ransomware. Although Microsoft released a patch for the OS vulnerability months before the attack, not all businesses applied the security upgrade, leaving networks vulnerable. Some computers running Windows XP were also compromised, but since Microsoft no longer actively supports this OS, IT professionals were on the hook to pay for updates and ensure they were properly implemented.

The takeaway? It’s a good time of year to take a hard look at legacy software and platforms to determine if they’re properly updated or under threat. What may seem like a small patch or minor problem could lead to major compromises down the line. It’s better to take action than to sit back and hope for the best.

Implement Intelligence

Got most of these critical security tasks locked up? Considering new technology to future-proof your defenses? It’s worth taking some time to investigate new avenues such as cognitive security, which looks to improve intelligence analysis, predictive maintenance and risk management using new tools that can actively make connections between security events, existing frameworks and available resources to empower new responses.

Evaluate Current Models

Sometimes it’s best to start from square one. For many companies, months or years of technological improvements, innovations and adoptions have created a security landscape more Frankenstein’s Monster than unified intelligence. This leads to scenarios in which IT security professionals are desperately trying to keep up with new threats even as they walk the tightrope of keeping current systems online and operational.

Instead, security teams should consider an outside assessment. Find a trusted security partner and let it examine your network infrastructure, then suggest security transformation strategies that both integrate across legacy systems and defend against emerging threats.

Take a Breather From Security Tasks

It’s a novel idea, but what about taking some time to rest, refocus and then reimagine organizational security? Think of it like this: There are always security tasks that need attention that could help boost the bottom line or reduce total risk. But even CISOs need a break occasionally to get away from servers, routers and user requests and see things from a different perspective. The result is increased focus, decreased stress and improved ability to focus on the problems at hand.

Listen to the podcast series: Take back control of your cybersecurity now

 |  |  |  |  | 
Douglas Bonderud
Freelance Writer

More from CISO
April 9, 2024

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

April 2, 2024

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

February 21, 2024

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature