Our CEO would contend that there is an alternative approach to the cyber security talent shortage.  Most breaches occur because computer systems are left in easily breached default configurations and because people make mistakes.  Compare the number of breaches by operating system: Linux and UNIX variants are harder to breach than Windows, especially if you keep them patched, which means we need to focus some time and effort on Windows and shore up its weak defenses.  The good news is that both Windows and Linux can be hardened far beyond their standard configurations.  We simply have to take the time to learn what is misconfigured and correct it.

Everyone should also take the time to implement a simple cyber security plan.  Stop trying to boil the ocean, and stop trying to hire a certified security person you can’t afford.  Learn how to implement the five most important cyber defenses, or, if you don’t know what they are or how to implement them, contact a reputable cyber security firm and have them create a simple, usable, affordable plan.

What are the first five steps to a good cyber security plan?

  1. Make sure the backups are working and that you can actually restore from them: test a restore rather than trusting that the backup job reports success.
    1. Keep the backups encrypted, offsite (in the cloud), and disconnected from the network, so that malware that reaches the network cannot reach the backups.
  2. Perform a thorough cyber security assessment (HIPAA SRA, NIST SP 800-171, etc.) and include a configuration and vulnerability scan of each type of operating system (computer).
    1. This is not a lightweight network scan.  It is an intense operating system vulnerability and configuration-checking scan.  We use one with over 300 tests.  Most Windows systems pass less than 30% of these tests.
  3. Harden all of your operating systems’ and network devices’ configurations based on the scan results from step #2, and ensure automatic patching is turned on wherever possible.
    1. If you have software applications that don’t allow you to keep your operating systems patched, implement a plan to move off those applications.
  4. Implement current cyber security training for all employees who touch valuable data.
    1. Include how to recognize phishing campaigns.
  5. Inventory and map your valuable data, at rest and in motion.
    1. Verify it is secured and encrypted at all times, both in storage and in transit.
    2. Inventory all network devices so you know to check them for data (yes, this could be considered a step of its own).
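The configuration scan in step 2 and the hardening in step 3 are, at bottom, a list of checks run against what the operating system is actually configured to do.  The following is an added illustration of how such a check engine works, written for this page; it is not the scanner we use, and the check IDs, thresholds and the sample sshd_config and sysctl snapshots are constructed for the example.  It compares a weak Linux configuration with a hardened one and reports the pass percentage.  One detail it gets right that a naive scanner gets wrong: sshd keeps the first value it reads for a keyword, so a “PermitRootLogin no” appended to the bottom of a file that already says “PermitRootLogin yes” changes nothing, and a scanner that takes the last value would report the host as hardened when it is not.

```python
"""Added example: a small configuration-check engine over constructed
sshd_config and sysctl snapshots.  Not the page's scanner; check IDs,
thresholds and sample inputs are assumptions made for illustration."""
import re
from typing import Callable, Dict, List, NamedTuple

# --- constructed inputs (no real host was scanned) ------------------------
WEAK_SSHD = """\
# stock-looking sshd_config
Port 22
PermitRootLogin yes
PasswordAuthentication yes
X11Forwarding yes
# someone "hardened" this later by appending a line; sshd keeps the FIRST value
PermitRootLogin no
"""
WEAK_SYSCTL = """\
net.ipv4.ip_forward = 1
kernel.randomize_va_space = 2
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.all.accept_redirects = 1
"""
HARDENED_SSHD = """\
Port 22
PermitRootLogin no
PasswordAuthentication no
X11Forwarding no
MaxAuthTries 3
"""
HARDENED_SYSCTL = """\
net.ipv4.ip_forward = 0
kernel.randomize_va_space = 2
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.all.accept_redirects = 0
"""

# sshd defaults for keywords absent from the file (OpenSSH 7.0 and later)
SSHD_DEFAULTS = {
    "permitrootlogin": "prohibit-password",
    "passwordauthentication": "yes",
    "x11forwarding": "no",
    "maxauthtries": "6",
}


def parse_sshd_config(text: str) -> Dict[str, str]:
    """Mirror sshd's own rules: keywords are case-insensitive, blank lines and
    lines starting with '#' are comments, and the FIRST value obtained for a
    keyword wins.  Parsing stops at the first 'Match' block, whose conditional
    settings are out of scope here (a simplification of this example)."""
    conf = dict(SSHD_DEFAULTS)
    seen = set()
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "match":
            break
        if key not in seen:          # first value wins, as in sshd
            seen.add(key)
            conf[key] = value
    return conf


def parse_sysctl(text: str) -> Dict[str, str]:
    """Parse 'key = value' lines as written by `sysctl -a` or sysctl.conf."""
    out: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if "=" not in line:
            continue
        key, value = (p.strip() for p in line.split("=", 1))
        out[key] = value
    return out


class Check(NamedTuple):
    id: str
    title: str
    passes: Callable[[Dict[str, str], Dict[str, str]], bool]


# A real scanner carries hundreds of these; eight are enough to show the shape.
CHECKS: List[Check] = [
    Check("SSH-1", "root SSH login disabled", lambda s, _: s["permitrootlogin"] == "no"),
    Check("SSH-2", "SSH password authentication disabled", lambda s, _: s["passwordauthentication"] == "no"),
    Check("SSH-3", "X11 forwarding disabled", lambda s, _: s["x11forwarding"] == "no"),
    Check("SSH-4", "MaxAuthTries at most 4", lambda s, _: int(s["maxauthtries"]) <= 4),
    Check("SYS-1", "IP forwarding disabled", lambda _, k: k.get("net.ipv4.ip_forward") == "0"),
    Check("SYS-2", "full ASLR enabled", lambda _, k: k.get("kernel.randomize_va_space") == "2"),
    Check("SYS-3", "reverse-path filtering enabled", lambda _, k: k.get("net.ipv4.conf.all.rp_filter") == "1"),
    Check("SYS-4", "ICMP redirects not accepted", lambda _, k: k.get("net.ipv4.conf.all.accept_redirects") == "0"),
]


def scan(sshd_text: str, sysctl_text: str) -> Dict[str, object]:
    """Run every check and return per-check results, the failed IDs and the pass rate."""
    sshd, sysctl = parse_sshd_config(sshd_text), parse_sysctl(sysctl_text)
    results = {c.id: bool(c.passes(sshd, sysctl)) for c in CHECKS}
    passed = sum(results.values())
    return {
        "results": results,
        "failed": [c.id for c in CHECKS if not results[c.id]],
        "pass_pct": round(100.0 * passed / len(CHECKS), 1),
    }


if __name__ == "__main__":
    for label, s, k in (("weak", WEAK_SSHD, WEAK_SYSCTL),
                        ("hardened", HARDENED_SSHD, HARDENED_SYSCTL)):
        r = scan(s, k)
        print(f"{label}: {r['pass_pct']}% passed; failed: {', '.join(r['failed']) or 'none'}")
```

On the constructed weak host the engine reports 25% passed, with SSH-1 failing even though the file ends with “PermitRootLogin no”; the hardened snapshot passes every check.  The same structure, a parser that reproduces the product’s real precedence rules plus a list of predicates, is what separates a configuration scan from a port scan.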

Obviously, there are other steps to be addressed and performed, but these five will greatly improve your cyber security posture, confidence, and resilience.

If you purchase a security risk analysis (risk assessment) from a firm, it should include a technical scan of your operating systems, as that is the only way to know what needs to be reconfigured on them.  If you purchase policies and procedures, they should include a risk management plan, a security plan, a contingency plan, and a breach notification plan.

But most of all, realize that cyber risk management and cyber security are not solely a technical security problem.  You need to take a holistic approach that includes leadership, employees, processes and technology.

Contact us today – 512.310.0020 or info@thirdrock.com for more information on completing a security risk assessment, developing a risk management program, or becoming a Partner to make these or related services available to your clients.

Protect your Clients. Protect your Organization. Protect Yourself.™