“Being prepared for any eventuality by understanding the controls required to develop your own agenda are essential. You must see the need for battle if you wish to develop your own cause on any level, but you should not fight the battle if you cannot foresee winning the war.” - Sun Tzu, The Art of War
At the latest security industry meeting I was in attendance for, I was shocked by the defeatist attitude and overall scaremongering tone used by most of the participating security practitioners. Given the negative nature of the atmosphere and conversation, you would have thought performing any information security was a waste of time because ‘attackers have already infiltrated everything’. The situation reminded me of a line Dante used in the Divine Comedy: “Abandon all hope ye who enter here.”
This attitude and perspective frustrates me quite a bit. It frustrates me even more when my peers use this type of tone in an attempt to increase interest in cybersecurity. Yes, it is true that attackers are getting more and more persistent. However, it is also true that we keep making the same mistakes. Small things like missing patches, default passwords, and poorly configured applications pushed out on the public internet are what allow bad actors to infiltrate time and time again. Practicing simple cyber hygiene can significantly increase overall security posture, making the likelihood of attack significantly lower.
Most of the basics in cyber hygiene address preparedness, but what about defense? These days, most firewalls feature various types of advanced malware protection and deep packet inspection. The use of standalone Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) significantly decreases the likelihood of an attacker getting through your perimeter.
In your network, effective segmentation using virtual local area networks (VLANs) with appropriate access control lists (ACLs) makes it extremely difficult for an attacker to pivot from a compromised system deeper into the enterprise.
Security can be delivered by practicing situational awareness through the use of tools like NetFlow, log analysis, and system reporting. These tools help alert administrators to malicious activity when fed into advanced security information and event management (SIEM) systems. Many of these systems leverage machine learning to alert defenders before the attacker is ever even close to being successful.
The key takeaway from this post is understanding that cybersecurity is a battle we can win by using a layered defense strategy that applies machine patching, system hardening, network defenses, and user education. As always, if you have any questions, feel free to reach out by emailing me at firstname.lastname@example.org.