This week, we will experience the longest day of the year: June 21. For IT professionals, more daylight means more time to handle tasks on the back burner, start new projects or even — gasp — take a step back from the cybersecurity front lines. Here’s a look at some top contenders for security tasks worth tackling this summer solstice.
Address New Threats
The cybersecurity skills gap is real — and growing — with a potential shortage of 2 million positions by 2019, according to Forbes. As a result, chief information security officers (CISOs) and IT teams don’t always have time to dig deep on emerging threats while they’re trying to manage day-to-day operations and secure corporate networks.
If slower summer days permit, it’s a good idea to take a hard look at existing security infrastructure and see how it measures up against new threats such as ransomware — WannaCry, anyone? — machine learning-based social engineering and hacktivism efforts. In effect, this task comes down to reading up on new attack vectors and their potential impact.
Dig Into Alerts
Users don’t pay attention to security alerts, and the same goes for IT security professionals. As noted by Phys, users ignore security alerts up to 90 percent of the time, often because they’re attempting to complete multiple tasks at once.
Despite their job description, security experts are at increased risk, since many alerts are effectively false positives and staff members can’t spare the time to investigate every single one. If the solstice permits, it’s a great time to determine which alerts are actually useful and which need to be scaled back to avoid oversaturation.
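One way to start that review is to rank detection rules by how often analysts closed their alerts as something other than a real incident. The sketch below is an added example, not part of the original article; the rule names, CSV columns, disposition labels and thresholds are all assumptions, and the sample data is constructed.

```python
import csv
import io
from collections import Counter, defaultdict

# Constructed sample: 30-day summary of closed alerts per rule and analyst
# disposition. Rule names, column names and labels are assumptions.
SAMPLE = """rule,disposition,count
Failed logon burst,false_positive,412
Failed logon burst,true_positive,3
Outbound DNS to rare TLD,false_positive,198
Outbound DNS to rare TLD,benign_expected,40
New local admin created,true_positive,16
New local admin created,false_positive,6
USB mass storage attached,false_positive,3
"""

def load_counts(csv_text):
    """Return {rule: Counter({disposition: n})} from the summary CSV."""
    counts = defaultdict(Counter)
    for row in csv.DictReader(io.StringIO(csv_text)):
        counts[row["rule"]][row["disposition"].lower()] += int(row["count"])
    return counts

def tuning_report(csv_text, min_alerts=20, noise_threshold=0.9):
    """Give each rule a verdict and its noise ratio (non-true-positive share).

    scale_back        : noisy and never produced a true positive
    refine            : noisy but has caught real incidents, so narrow it
    keep              : noise ratio below the threshold
    insufficient_data : too few closed alerts to judge
    """
    report = {}
    for rule, c in load_counts(csv_text).items():
        total = sum(c.values())
        if total == 0:
            continue  # nothing closed for this rule in the window
        true_pos = c["true_positive"]
        noise = (total - true_pos) / total
        if total < min_alerts:
            verdict = "insufficient_data"
        elif noise < noise_threshold:
            verdict = "keep"
        elif true_pos == 0:
            verdict = "scale_back"
        else:
            verdict = "refine"
        report[rule] = (verdict, round(noise, 3))
    return report
```

A rule that is noisy but has caught real incidents lands in "refine" rather than "scale_back", so the review narrows its conditions instead of switching off a detection that has proven its worth.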
Next on the list of security tasks for this year’s longest day is routers. Compromising a router allows access not just to a single computer, but often an entire network, making it difficult for IT professionals to track down and eliminate all sources of infection and mitigate total damage.
But despite the risks, many companies don’t bother to change stock passwords and login credentials when they roll out new routers. For cybercriminals, this is almost too easy — they can simply use “admin” as the username, visit a site that collects default router passwords to gain entry, and wreak havoc. Security professionals can virtually eliminate this problem by updating all router usernames and passwords.
Handle the Human Factor
While technical safeguards may be circumvented by attackers to gain network access, employees remain a weak point in the cybersecurity equation. According to a study by the School of Computer Science and Informatics at De Montfort University, half of all analyzed breaches had “human error at their core.”
If security professionals find themselves with a few extra hours this June, take the time to examine staff behavior. Are they clicking on malicious links or opening unknown email attachments? Do current security policies do enough to address these practices? Do staff members have enough knowledge to steer clear of potential risks?
Update Old Software
Windows 7 was a significant avenue of attack for the recent WannaCry ransomware. Although Microsoft released a patch for the OS vulnerability months before the attack, not all businesses applied the security upgrade, leaving networks vulnerable. Some computers running Windows XP were also compromised, but since Microsoft no longer actively supports this OS, IT professionals were on the hook to pay for updates and ensure they were properly implemented.
The takeaway? It’s a good time of year to take a hard look at legacy software and platforms to determine if they’re properly updated or under threat. What may seem like a small patch or minor problem could lead to major compromises down the line. It’s better to take action than to sit back and hope for the best.
Got most of these critical security tasks locked up? Considering new technology to future-proof your defenses? It’s worth taking some time to investigate new avenues such as cognitive security, which looks to improve intelligence analysis, predictive maintenance and risk management using new tools that can actively make connections between security events, existing frameworks and available resources to empower new responses.
Evaluate Current Models
Sometimes it’s best to start from square one. For many companies, months or years of technological improvements, innovations and adoptions have created a security landscape more Frankenstein’s Monster than unified intelligence. This leads to scenarios in which IT security professionals are desperately trying to keep up with new threats even as they walk the tightrope of keeping current systems online and operational.
Instead, security teams should consider an outside assessment. Find a trusted security partner and let it examine your network infrastructure, then suggest security transformation strategies that both integrate across legacy systems and defend against emerging threats.
Take a Breather From Security Tasks
It’s a novel idea, but what about taking some time to rest, refocus and then reimagine organizational security? Think of it like this: There are always security tasks that need attention that could help boost the bottom line or reduce total risk. But even CISOs need a break occasionally to get away from servers, routers and user requests and see things from a different perspective. The result is increased focus, decreased stress and improved ability to concentrate on the problems at hand.