In some parts of the world, the new year comes in with the onset of winter, which means it’s time to winterize our cars, our houses and ourselves. The new year is also a good time to winterize your organization’s cybersecurity by adopting some best practices that will get you safely through the snowdrifts and across the patches of black ice on the road.
Winterization Best Practices
Security threats are constantly evolving, but the recommended best security practices for 2016 have much in common with those for 2015, as outlined, for example, by ObserveIT. Here are seven areas to focus on as the calendar turns to January.
1. Threats and Compliance
The first step in winterizing your organization for 2016 is knowing what sort of winter is predicted. Blustery storms? Cold, hard freezes? What specific threats are on the rise that you should be particularly concerned about? What specific new compliance rules are set to kick in that you need to get out in front of?
This assessment tells you where your most serious potential risks lie and what exact targets you need to be shooting for.
2. Endpoints and Architecture
Network endpoint protection is no longer the be-all and end-all of security best practices. But just because burglars might climb in through a window doesn’t mean you don’t lock and double-check the doors. What endpoints or other potential targets are implicit in your architecture and call for special attention?
Assessing your endpoints shows where security resources can be deployed most effectively.
Applications are now delivered in multiple ways, including via managed services and the cloud. And applications are no longer stand-alone monoliths: They can be and are chained together, with one resource calling another. Unfortunately, while this provides flexibility and power, it also provides an access point for attacks.
Like your system architecture, your applications need to be regarded as a road map to where your defenses must be placed. Evaluate your application security posture and see what can be improved or what needs to be better protected.
Installing updates should be a no-brainer — which means you don’t want to kick yourself after the fact. Make sure all software and application updates or patches are properly installed and that updating is kept up to date on an ongoing basis. Applying updates is probably the single most important active security measure you can implement.
5. Event Logs
Event logs provide a detailed, ongoing and near real-time picture of what is actually happening on your network. That means they are one of your most important diagnostic tools when anything goes wrong.
Event logs also measure the overall health of your network, identifying all sorts of incipient problems, whether they are security-related or not. All of this makes logs a basic working tool and a critical one to assess for the year ahead.
6. Human Factors
Cybercriminals don’t attack computers: They attack people and organizations of people by using computers. The human dimension is fundamental to cybersecurity. As defenses improve, attackers are sharpening their knives for the human factor, with tactics such as spear phishing and social engineering via social media becoming popular and more effective.
7. Response Plan
Attacks are constant and they come from all directions. Sooner or later, an attacker is going to get through your defenses and do damage. When it happens, you will need a response and recovery plan to guide you through the rocks and shoals.
This is not something you can do on the fly! The time to draft that response and recovery plan is now, so that it is ready when you need it.
These cybersecurity best practices are easier to list than to implement, but keeping them at the top of your mental to-do list will go a long way toward making this winter a safe and secure one for your organization.