Key Points:
- Many breaches in cybersecurity occur due to neglect or simple mistakes, rather than advanced threats or vulnerabilities.
- Basic cybersecurity hygiene practices, such as patching systems, verifying identities, and being vigilant for suspicious activity, are crucial for maintaining a strong security posture.
I’m often asked which of the latest headline-making technologies organizations should be concerned about, or which threats and security gaps are causing IT and security teams to lose sleep at night. Is it the latest AI technology? Triple extortion ransomware? Or a new security flaw in some omnipresent software?
My reply is that breaches, even big, expensive, reputation-tarnishing breaches, often happen because of simple, mundane things: buying software, forgetting about it and neglecting it until it sits unpatched, ready to be exploited by a threat actor. That makes your company the low-hanging fruit.
Nobody likes to brush their teeth and floss. But it’s that type of basic personal hygiene that can save you thousands and even tens of thousands of dollars in the long run. Cybersecurity hygiene is no different. Rules like “clean up your mess” and “flush” are equally critical to maintaining a ‘healthy’ security posture.
Flush…and clean up your own mess
In IT operations and maintenance, as in personal hygiene, you’re responsible for cleaning up after yourself. If you buy a piece of software, don’t let it stand and rot in a virtual corner. Make sure you have an established routine to keep informed on the latest threats, run regular vulnerability scans and manage the patching of your systems (including networks, clouds, applications, and devices).
Trust but verify
When it comes to colleagues, your direct reports, vendors you’re doing business with, and even customers, we all want to trust the people we interact with. But can we? In the age of quick online transactions, whether social or enterprise-related, err on the side of caution. Verify that the person you’re dealing with is real and that backgrounds check out, and get references when you can. Trust but verify.
Look and pay attention
Incident management might feel laborious and mundane. But security incidents, like a suspicious email, a phish-y link or a shady executable, aren’t a big deal until they become a big deal. Stealth mechanisms are meant to keep things quiet and ‘boring,’ which is all the more reason to take a good look when something doesn’t smell right.
If you buy something, you’re responsible for it
No one will write a poem about the beauty of software lifecycle management. Still, whether it’s cloud products like IaaS or SaaS applications, you need to make sure your products are being maintained, updated and patched. It’s just like buying a car: You buy insurance, get your tires checked and get an inspection sticker to certify it’s ‘drivable.’ In IT, if you buy it, make sure it’s maintained and in good shape.
Take comfort in someone or something
We all need a way to unwind, even more so if you’re in a high-strung IT/security job. Opt for a way to let off some steam that doesn’t compromise your health.
Don’t take things that aren’t yours
If you’re in a position to access or even exploit other systems or someone’s data as part of your incident analysis and investigation work, remember to play by the rules. Stay on the right side of the law. Don’t take offensive security measures and don’t retaliate. And don’t take things that aren’t yours.
Play fair, don’t hit people
Other companies and vendors will mess up. Stay respectful on the internet. And mind your comments.
When you go out into the world, watch out for traffic, hold hands and stick together
When you’re handling a high-severity incident, it may be easy to forget about the people on your team. Remember that humans are the weakest links. As your team races against time to get to the bottom of an attack and stop it, remember that you can only push people so far before they break. So, when you head out into the wild, be there for each other and support your team.
Share everything, including knowledge and training
If you hire staff, you need to educate them. Whether they’re the SOC team or Sally from HR, everyone needs to know the rules. Make sure you’re running regular awareness training. And if you have a security operations squad, schedule regular tabletop exercises, such as red team-blue team contests and breach and attack simulations.