http://www.govtech.com/blogs/lohrmann-on-cybersecurity/the-top-16-security-predictions-for-2016.html
http://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/2016
https://blogs.sophos.com/2015/12/11/our-cybersecurity-predictions-for-2016/
Mostly, these top 10 lists end up being an enjoyable read, and nothing more. They contain predictions similar to the following:
1) <<Popular platform/OS>> will be hacked!
2) IoT is really insecure!
3) We hope legislators will finally listen to us and make security a regulation!
4) <<Popular hacking method>> will become more popular!
Don't get me wrong, getting the information out there is important, but I think most readers skip past these. What do some of these things mean for the average user?
So, I've decided to take a little bit of a different tack and address different user groups and focus on the "thing" or task they should do in 2016.
Individual User
As an individual user, there are two things that I would strongly recommend doing this year.
1) Use Multi-Factor Authentication (MFA)
MFA has come a long way in recent years: people can now skip the MFA prompt on known devices, and the kinks in the system are really being worked out. Further, for a lot of people, their phone is the center of their universe anyways. Turn on MFA on as many applications as you can. In fact, don't use services that do not allow for MFA.
While this does introduce new problems should your phone get stolen, I feel that overall it is a step in the right direction.
2) Link your accounts with providers such as Google, Facebook, etc.
By linking your accounts on secondary services with one single main provider, you start to reduce the attack surface on your accounts. There are fewer of them, and the one that you choose to have as your provider can be secured with a strong password and MFA (see 1 above). Further, many of these providers have advanced reporting and alerting to help detect security issues. In a lot of cases these features are free. Use them!
Small / Medium Business (SMB)
Here are a couple things for SMB users to consider this year.
1) Centralize your identities online
The SMB space is heavily reliant on cloud services to run their business. Many even use services such as Box/Dropbox to move and host files. My word of advice: centralize access to these systems and create a policy for your employees. From an SMB perspective, your data holds a lot of value to you. Having employees use their own accounts means that you lose control over access to that data. Take that back by using mechanisms such as Azure AD Premium or Google Apps.
2) Push your IT provider on Security
Many SMB customers use outsourced IT. Sometimes these are single-person shops, other times they are using a managed service. In both cases, push your provider to better understand how they are securing your systems. Some of your questions may include:
- How am I secured against ransomware?
- How are passwords managed?
- What are your on-boarding and off-boarding measures?
- What type of security software and monitoring is in use on my systems?
Enterprises
Ultimately, it is tough to provide enterprises with specific advice, as where they are on the spectrum will vary greatly.
1) Have your CISO report directly to the CEO
Risk and the management thereof is important. So important that the person responsible for this should have a seat at the big table. Too many times CIOs bury security issues by speaking mis-truths, cutting budgets, and allowing projects to go forward knowing the security stance is poor. Audit (generally security teams when the topic is security) cannot exist as part of the structure it is auditing.
2) Implement one of the first 4 SANS top 20 controls
There may be many gaps in your security posture. It is sometimes really hard to figure out where to start. The right way to do this is to work through the security architecture from top to bottom, making sure that everything maps. While there are quick ways to get this off the ground, generally these tasks take a LONG time to complete. (See SABSA Whitepaper for more.)
For reference, the top 4 are as follows:
- Inventory of Authorized/Unauthorized Devices
- Inventory of Authorized/Unauthorized Software
- Secure Configuration For All Devices
- Continuous Vulnerability Assessment and Remediation
In conclusion, there is no silver bullet for security. But there are things that we can start doing that will help us better last through the ever-evolving security landscape.