When it comes to cybersecurity, there’s one constant that business leaders can agree on: The threat landscape is ever evolving. As a result, Gartner forecasts that in businesses worldwide will spend more than $124 billion on information security spending in 2019. However, not all organizations have a large budget to spend on protecting their businesses. In the greater Boston area, the business community is focused on putting the right security services into place to help each of their organizations build a solid security foundation. Below are six services we recommend that you consider to build a strong security position.
Pre- and post-security and vulnerability assessments
If you aren’t aware of the threats your organization faces and the vulnerabilities that are present, it’s difficult to know which areas need your resources. Security and vulnerability assessments don’t just tell you what you need to address. When conducted properly, you will have a better understanding of what threats should be prioritized and which ones pose less of a risk.
After a thorough assessment conducted by security professionals, the assessment should provide an outline of what you need to address, an idea of what can happen should a vulnerability be exploited, and what actions are needed to fix it. Once you have had a chance to address the pre-security assessment to set your baseline, you will need to conduct a post-security assessment to ensure you have addressed everything as well as to identify any new areas of concern.
Incident response plan development
It is a growing probability that your organization will face some sort of cyber event. Cyber events can occur due to a natural disaster, an outage caused by technology, or a full-blown cyber attack. Regardless of the cause, your organization needs to have a response plan to respond to any type of incident that may occur.
When creating this plan, it is important to ensure that all stakeholders know their responsibilities for any type of incident. Simulations and scenarios are helpful as a way for everyone to get comfortable with the response plan and also test the effectiveness of it. After all, you don’t want to be in the midst of a critical outage, only to find out that your plan doesn’t pass the test.
Intrusion prevention and detection
Intrusion prevention and detection (IPS/IDS) may be one of the most important pillars of a solid security foundation. It also may be one of the most difficult responsibilities for an organization to handle.
IPS/IDS solutions hunt for threats aimed at bypassing technical security controls and are programmed to stop them. The right solution will also alert the proper stakeholders when it finds something of note so that the right action can be taken.
The difficulty that organizations have managing these solutions is finely tuning the solution to meet organizational needs. These specialized solutions require a specific technical knowledge based on the vendor and the provider must have experience locking down an organization tightly. If the solution’s controls are set too loosely, your company can face security gaps. However, if it the controls are set too tightly, it may create too many false negatives—keeping people from doing their jobs because data is prevented from moving in and out.
Remote access and mobility
The number of remote workers has increased more than 140 percent since 2005. More companies are embracing a remote workforce while constantly connected mobile devices means employees can work during almost any time of the day and from any location. The emergence of cloud solutions provide access to data, software, and systems; even working at a desk can create a situation where remote access is required.
Giving employees remote access to your systems means that an attacker has the ability to exploit this remote portal as well. To capture the benefits of remote access, you need to have a secure foundation that protects your environment—the right solutions will protect your employees’ devices and vulnerable areas in your company’s connected systems.
One mistake that organizations can make when it comes to building a strong foundation in security is to forget about the endpoint. Dollars and efforts are spent to secure the perimeter, network resources, and web services but the device that is used most is often left unprotected. Companies may also have the impression that their anti-virus solution provides enough security.
Endpoint protection may include anti-malware, but endpoint protection should also include the following:
- Patch management
- Configuration management
- Application controls
- Data loss protection
For additional protection, a host-based intrusion prevention solution can further keep out cyber threats from compromising your systems.
More than half of all data breaches are the result of stolen credentials. When attackers own user credentials, they can make their way through the network, eventually gaining access to the information they consider valuable. Enforcing strong or diverse passwords can only help so much. In order to add an extra layer of security, your company should put multi-factor authentication (MFA) into place. MFA requires the end user to provide additional proof that they are authorized to access the system. In addition to a username and password, the user is required to give verification from a mobile device or a one-time use code. This type of security adds another authentication layer so you know that when someone is accessing your data and systems, they are the ones who should be there.
Building a strong foundation in cybersecurity is not easy. Many of the solutions that you find require a high-skill level specific to its technology. There are also many solutions in the market that don’t quite live up to the hype that they promise. If you don’t have the right people in place to manage, configure and identify the right solutions for your organization then all the budget and tools in the world may not help you. If your Boston-based organization lacks the resources required to build a strong security position, your best bet is to turn to one of Boston’s managed service security providers to help you put the right solutions in place and manage them correctly.