You can never have too much security, can you?
Definitely, you can have too little.
Often people will tell us that they have anti-virus or a firewall, so they are fine. This is wrong for two reasons.
First, anti-virus and firewalls are not enough. An anti-virus will only stop known viruses. It won’t contain new or unknown viruses or anomalous behavior. And a firewall won’t block something that is already in your system.
Second, and probably most importantly, this is a false sense of security. If you think you are protected, you will likely not try to improve security or be careful of risky behavior. A flu shot will protect you from the flu but not from measles, cancer, heart attack, or a broken leg. And you certainly wouldn’t assume you’re fully protected with that flu shot and smoke for 40 years, eat fast food all your life or jump off the roof of your office building.
Having a defense-in-depth cyber security program will protect your organization. This includes more than just the technical tools.
Defense-in-depth means having a comprehensive, cohesive security program. Just layering one thing over another is not good enough. You will likely leave gaps that are unprotected. Here are the areas that should be included in your defense-in-depth security.
People – Your people can be your biggest threat or your best defense. The three most essential tools to ensure they are part of the security team are Training, Training, and More Training.
Policies – Make sure you develop and foster a culture of security. This means having policies and supplemental procedures that you promote and enforce. This includes periodic password changes, required use of MFA, scheduled updates/patching, procedures for onboarding new employees, ensuring legacy accounts are terminated, implementing a least privilege policy, etc.
Device Protection – Using an endpoint device protection and response (EDR) technology for workstations and servers to identify malware, stop it, and prevent it from infiltrating the network.
Network Threat Detection – Security Information and Event Management (SIEM) to detect threats and respond quickly to protect the entire network.
Secure Operations Center (SOC) – A 24×7 staffed SOC using both AI and human analysts to continuously monitor logs for malicious or anomalous activities to elevate appropriate alerts.
While many of the tools needed for implementing a comprehensive defense-in-depth cyber security program are available online, it is better to ensure a cohesive approach and not a patchwork system of defenses. Using a Managed Security Services Provider (MSSP) will allow for a holistic approach with the best tools and experts watching out for your security, enabling you to do what you do best and continue with the daily operations of your business.
CYBER NEWS
CISA Points to Water Sector in Seeking $80 Million More for FEMA Grants
CISA and FEMA are currently rolling out the first of $1 billion the Homeland Security agencies got in Rescue Act funding to help state and local entitie…
www.nextgov.com
White House to boost support for quantum technology while boosting cybersecurity
The White House on Wednesday will announce a slate of measures to support quantum technology in the United States while laying out steps to boost cybersecurity to defend against the next generation of supercomputers.
www.reuters.com
FBI says business email compromise is a $43 billion scam
The Federal Bureau of Investigation (FBI) said today that the amount of money lost to business email compromise (BEC) scams continues to grow each year, with a 65% increase in the identified global exposed losses between July 2019 and December 2021.
www.bleepingcomputer.com
Twitter may have given user’s private data to a ransomware hacker, who then ran a researcher offline – CyberScoop
If true, it’s just the latest example of phony data requests used for illicit purposes.
www.cyberscoop.com
TIP OF THE WEEK
Cyber Security for Sports Betting Online
And they’re off! It’s Derby Weekend here in the Bluegrass, so we thought you should be aware of cyber threats if you do any online sports betting on the ponies.
1 – Only use a licensed website for online betting
2 – Use a unique, complicated password and MFA if available
3 – Use a site that requires online verification (e.g., driver’s license, passport, etc.)
4 – Be sure to bet on our hot Derby pick…Cyberknife!
Good luck!
VOCABULARY WORD
Defense-in-Depth: Also known as layered security, entails implementing layers of security controls (technical, policy, and personnel) to protect, detect and mitigate attacks on systems and networks to ensure that there is not a single point of failure (i.e., if one control fails, another one will protect the system).