The holiday season is in full swing, as are the usual stressors that come along with it: long-distance travel, family dynamics, gift-giving expectations, the onslaught of cookies at every turn. While there are near-and-dear aspects (did we mention cookies?), the winter months can often leave people with an overall sense of unease, especially for those who work in security operations.
The last thing anyone needs is a cybersecurity threat that managed to slip through the existing defenses and cause a flurry of damage control while you’re out of the office. Unfortunately, given end-of-year trends, this scenario is even more likely.
Staying secure–and resilient–is more important than ever
Organizations of all shapes and sizes are working to reinforce their defenses against surging CVEs and increasingly sinister, targeted attacks. And there’s no better time to lay the groundwork for more resilient security operations, according to Gartner. Earlier this year, the analyst giant outlined eight security predictions that are shaping decisions for today’s security and business leaders. Largely informed by rising risk, these predictions offer a sobering glimpse into the future and underscore the criticality of a strong foundation of security resilience.
Ongoing challenges like increasingly unpredictable weather events and ill-timed waves of resignations add more reason to establish a foundation of security resilience to help outlast these and future conditions. In recent weeks, massive layoffs have been shrinking some of the biggest organizations around the world as they try to cut costs in the face of a significant recession. These layoffs also serve as a signal for every company that drastic staffing decisions might have to be made, and reducing the number of people manning cybersecurity defenses could make organizations vulnerable to targeted attacks.
Thinned security teams can act as a welcome mat for threat actors looking to optimize the likelihood of a successful breach. And since the holidays often mean skeleton crews are on duty, it’s natural that the end of the year carries more threats than usual. That’s why the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) recently warned organizations to remain vigilant this season.
But what does that mean for you and your team? We have some thoughts.
Lock down your environment–even when you’re OOO
For a less stressful holiday season, here are four critical musts to have in place for more reliable defenses with thinner staff.
1. Identify who’s on call. Who’s sacrificing their slice of pecan pie to make sure systems are running smoothly? It’s a painful job, but having seasoned and savvy employees at the helm can save a tremendous amount of money and stress. Look at the September attack on the second-largest school district in Los Angeles that took place over the Labor Day weekend. While the event served as a sobering reality check, the damage was stymied by the people on duty who caught it early.
For quicker response times and more effective action over holiday breaks and shutdowns, make sure you have IT and Security represented and that they have shared marching orders with a single source of truth.
2. Jump on the MFA bandwagon. Multi-factor authentication is picking up steam, with double-digit adoption numbers across the globe. More and more companies are realizing the necessity of placing this critical identity and access management hurdle in the path of potential hackers. But even with increased usage, there are glaring omissions in a strong MFA strategy recently highlighted in the 2022 Duo Trusted Access Report. Rules like geographically based deny or allow policies, or even keeping devices and software up-to-date, are painfully underutilized methods to keep holiday hackers at bay.
Explore the report for more best practices and eye-opening stats.
3. Embrace risk-based vulnerability management. 2021 saw record-breaking creation of CVEs and those numbers have maintained a steady clip. To make sense of and prioritize this swell of vulnerabilities, you need to know which ones pose an actual threat to your organization. More and more teams are embracing a data-driven, risk-based vulnerability management solution that effectively and efficiently prioritizes the organization’s riskiest vulnerabilities. Some top-tier solutions can even predict which vulnerabilities are likely to be exploited with up to 94% accuracy.
But not all risk-based vulnerability management solutions are created equal. To help you narrow down your consideration set and better understand the real value-add to your business, we’ve listed 7 Questions To Ask Every Vulnerability Management Vendor.
4. Remind everyone not to let their guard down. Tryptophan-impaired employees are sitting ducks for phishing emails that can unleash ransomware attacks. Too many teams fall back on implementing yearly, stand-alone security trainings that don’t truly educate the wider employee base to catch potential security threats. Consider a pre- or mid-holiday season training session to brush up on the basics. Include discussions, hands-on training, or rewards-based participation and threat scouting. With a more rigorous and thorough security training approach, your holiday season could be saved by Phil from accounting.
For more on how to level up your security training, explore these top tips.
Survive the holidays and beyond
Consider last year’s Apache Log4J headache that slipped in just before the end of the year. While most people were preparing to close their laptops for a week or two, IT and security teams were left to cry into their eggnog. But organizations with risk-based prioritization in place were able to isolate the vulnerability on their most critical assets and remediate those first, helping to secure business-critical data and applications.
Holidays are an effective use case and excuse to implement much-needed strategies to shore up your security operations. But it’s not just the holiday season we’re trying to make it through. Building security resilience helps ensure a future where you can navigate unexpected changes or unknown threats with confidence.
Register to watch this on-demand webinar, in which Ed Bellis, CTO and Co-founder at Kenna Security at Cisco, and Liz Waddell, Global Practice Lead, Cisco Talos Incident Response, break down what security resilience really means and ways you can begin to realize it.