From struggling or hardly surviving, to a fully supervised and manageable security program…
Most companies are struggling with running an smooth security program. No matter how much they are spending on that, the difference is really not that much. From zero budget to million dollars security budgets, they still do not have enough trust in their security program. Regardless of how much they are spending on security initiatives, they never really have confidence and are not expected to see positive and reliable result of their investment.
Adversaries are finding new ways to hurt online businesses every single minutes while tech gurus are creating “solutions” to address today’s challenges within months, years and sometimes decades after the fact!
We simply are only trying to survive in cyberspace, but what could we do better to thrive, in a stronger position, where the security is not a hassle anymore, and it should not be the heart of the matter too. Let’s look at some practical countermeasures:
* stick to a management system
For a moment forget about technology and tools and get back to basics. A management system could totally fulfill whatever you need in terms of handling processes and not being worried about base of your operation. You can invent the wheel again or you can choose from thousands of management systems, but first ask experts which system fits your needs or bring professional on-board to implement a system fully customized to your work flow from scratch, also believe me, without a management system of any kind and approach, you will be still at the first step after years spending your precious time, which is that “surviving” approach.
* set objectives
any project has a set of goals which are measurable and achievable. Objectives are neither like: having a more secure network…or, setup RDP filtering on firewalls…there are more like reducing current number of entry points to network…or, assessing current remote protocol insecurities…
objectives help you better understand what are trying to get from your management system, and where resources have to be focused. This topic is also related to Risk approach which I think is the fundamental and background of the management system.
* constantly measure
These are checkpoints where you can tell precisely and by evidence if you are on the track, and the more you measure and automate the process, the more you get close to a proactive system and faster accomplishing each of objectives. Through measurement you can tell of direction is write or wrong, or what is wrong or right.
* plan for corrective and preventive actions
with each measurement you need to define corrective actions if the result is not expected or the pace is slow, and the plan to enforce these corrective actions is the key to a smooth security program, otherwise you will be struggling with past actions while new ones arrive.
* be responsive to facts not fictions
computer security industry is full of fictions, and we mostly spend time and money on things which are either not important or can be tackled from root, so let me give you an example:
taking Advil when you catch flu is just a pain killer, only for passing time without suffering from flu symptoms, just to survive, because we do not know how to handle flu virus in 21st century (or maybe we know but we don’t want to disclose?!), and that is similar to running a virus scan on your network when you get a virus infection!
Cyber security facts have not been changed since the beginning of this subject in human history, so once you know about the facts you see how it is easy to address them without Advil!