Top Five Strategies for Upgrading Your Security Posture
Sophisticated cyber-attacks, breaches and disclosures are becoming the new normal. The security paradigm is on a steep trajectory of continual change, with new challenges and obstacles along the way. Our network speeds are increasing, data is migrating to the cloud, more data needs to be shared, and employees are bringing their devices to work.
Given the rapid change, we must upgrade our security posture to meet the challenges of today and tomorrow. The bad guys are playing a smarter game and thus we must transform the way our organizations behave. If you are responsible for modifying organizational behavior and increasing your security posture, here are five strategies:
1. Transform Data into Intelligence
Under the legacy security paradigm you were urged to log everything, which meant you had BIG DATA about any and every security event that occurred in the ecosystem. Moving forward, your data must be transformed into intelligence, and the enterprise needs to be aligned with data- and context-centric security. Forensic intelligence will help you reconstruct activities, determine if an incident is in progress and provide network and systems usage baselines. For example, you will never make sense of a security breach after the fact without a complete record of every last packet. Armed with this intelligence, you can determine whether the attackers merely infiltrated a system or also exfiltrated confidential data.
2. Subscribe to a Threat Modeling Culture
It is imperative to understand what threats can and will affect your organization to properly protect the correct assets. For example, examine how you can defend against advanced threats across all seven stages of the threat kill chain. How do you fare against insider threats and mobile device threats (tablets, laptops, smartphones, etc.)? Can you identify your enemy? Do you know your blind spots?
3. Transform to the Next Generation Security Model
Redefine the defense-in-depth approach to defense-in-context. Evolve your protection strategy from focusing on systems to focusing on the data itself. Below are three keys to this transformation:
- Ensure that your strategic security solutions are sharing the same information and intelligence.
- Migrate from monolithic point solutions to multi-staged or multi-domain solutions. It's a game of chess. You must have a multi-prong defense. Know your pieces on the board, how they move and never forget the object of the game: protecting your data.
- Consolidate commoditized solutions and use your funding for components that increase your posture. Evaluate your current investments by measuring their effectiveness and relevance. For example, it's time to reprioritize if results indicate the security tools are not aligned with the transition to a data-centric security model.
4. Align Security Initiatives with Business Requirements
Position security in the correct context: it's a business problem.
Security initiatives and outcomes are often not aligned with business initiatives. I cannot emphasize this enough. Sell the security program and communicate your successes internally. Demonstrate how you are saving the company money by preventing a data breach, reducing help desk tickets, enabling remote workers, etc. It will lead to increased buy-in and ultimately, funding.
5. Develop a Culture of Security Inclusion and Accountability
Transform your users from your greatest vulnerability to your volunteer security team. Show them what's in it for you, the company, and most importantly what's in it for them. Get their attention with frequent streamlined communications (newsletters, short videos, etc.). Develop programs that recognize and reward them for a job well done. Put methods in place to test your user-based posture and systems posture, and to track your progress. Remember, you can have the best technology and security program, but without the user component the improvement of your posture will stagnate.
Have any questions about these five tips or any additional ideas? Feel free to leave a comment and we can discuss.
This story originally appeared on eSecurity Planet.