December 29, 2015 By Rick M Robinson 3 min read

In some parts of the world, the new year comes in with the onset of winter, which means it’s time to winterize our cars, our houses and ourselves. The new year is also a good time to winterize your organization’s cybersecurity by adopting some best practices that will get you safely through the snowdrifts and across the patches of black ice on the road.

Winterization Best Practices

Security threats are constantly evolving, but the recommended best security practices for 2016 have much in common with those for 2015, as outlined, for example, by ObserveIT. Here are seven areas to focus on as the calendar turns to January.

1. Threats and Compliance

The first step in winterizing your organization for 2016 is knowing what sort of winter is predicted. Blustery storms? Cold, hard freezes? What specific threats are on the rise that you should be particularly concerned about? What specific new compliance rules are set to kick in that you need to get out in front of?

This assessment tells you where your most serious potential risks lie and what exact targets you need to be shooting for.

2. Endpoints and Architecture

Network endpoint protection is no longer the be-all and end-all of security best practices. But just because burglars might climb in through a window doesn’t mean you don’t lock and double-check the doors. What endpoints or other potential targets are implicit in your architecture and call for special attention?

Assessing your endpoints shows where security resources can be deployed most effectively.

3. Applications

Applications are now delivered in multiple ways, including via managed services and the cloud. And applications are no longer stand-alone monoliths: They can be and are chained together, with one resource calling another. Unfortunately, while this provides flexibility and power, it also provides an access point for attacks.

Like your system architecture, your applications need to be regarded as a road map to where your defenses must be placed. Evaluate your application security posture and see what can be improved or what needs to be better protected.

4. Updates

Installing updates should be a no-brainer — which means you don’t want to kick yourself after the fact. Make sure all software and application updates or patches are properly installed and that updating is kept up to date on an ongoing basis. Applying updates is probably the single most important active security measure you can implement.

5. Event Logs

Event logs provide a detailed, ongoing and near real-time picture of what is actually happening on your network. That means they are one of your most important diagnostic tools when anything goes wrong.

Event logs also measure the overall health of your network, identifying all sorts of incipient problems, whether they are security-related or not. All of this makes logs a basic working tool and a critical one to assess for the year ahead.

6. Human Factors

Cybercriminals don’t attack computers: They attack people and organizations of people by using computers. The human dimension is fundamental to cybersecurity. As defenses improve, attackers are sharpening their knives for the human factor, with tactics such as spear phishing and social engineering via social media becoming popular and more effective.

A lecture on security awareness and user best practices is not enough. Do your people really understand how their human nature might be exploited by attackers? They need to.

7. Response Plan

Attacks are constant and they come from all directions. Sooner or later, an attacker is going to get through your defenses and do damage. When it happens, you will need a response and recovery plan to guide you through the rocks and shoals.

This is not something you can do on the fly! The time to draft that response and recovery plan is now, so that it is ready when you need it.

These cybersecurity best practices are easier to list than to implement, but keeping them at the top of your mental to-do list will go a long way toward making this winter a safe and secure one for your organization.

More from CISO

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today