July 13, 2020
The past week saw US Cyber Command warning organizations about a major security bug in PAN-OS, the Palo Alto Networks operating system that runs on firewalls and enterprise VPN appliances. The CVE-2020-2021 defect was given a 10/10 score on the CVSSv3 severity scale, meaning that the vulnerability was both easy to exploit and exploitable remotely. Threats like this are becoming more and more common as technology evolves.
It has become increasingly difficult to keep up with all of these technological changes and even more difficult to keep up with the evolving security threat landscape. Still, organizations must take the necessary steps to protect their data and improve their cybersecurity footprint, starting with the implementation of robust IT security policies. In the current threat landscape, it’s better to be proactive than reactive.
Prevention, detection, and response should be the top priorities when organizations think about cybersecurity. Here is what organizations can do to create secure IT environments:
Understanding Existing Security Policies
While it may be tempting to jump right into it and create what you may feel is the strongest policy, it’s important to look back and review past and current security strategies to understand what works best for your organization. What made prior policies ineffective or inefficient? Can these inefficiencies be remedied, or do new policies have to be implemented?
Having a solid grasp of past and current policies will help assess the current state of a company’s security environment. This is a good way to gauge what your policies should encompass, and it creates a preventative safeguard.
Understanding Areas of Vulnerability
Every industry is different and has different security standards and regulations. Depending on who you’re doing business with, compliance with standards like SOC II and III, HIPAA, and PCI is a must-have. Getting certified is no easy feat, and to maintain compliance, organizations should understand what major threats and weaknesses exist.
For a HIPAA-compliant organization, a data breach can be incredibly damaging. Losing PHI (Personal Health Information) puts many people at risk. Organizations must identify what preventive precautions must be taken in order to create the strongest possible line of defence. Different standards mean different approaches to security. For example, the healthcare industry frequently requires HIPAA compliance from all of its stakeholders and service providers, whereas the retail sector often requires PCI from its credit card processing vendors.
Making IT Audits a Habit
Regularly conducting IT audits is a good way to measure compliance; it ensures that staff and management are following your protocols and policies. These audits aren’t just for monitoring compliance; they assess the overall technological infrastructure to make sure that an organization’s processes and systems run efficiently as well as correctly. These audits can also highlight any IT-related issues that fly under the radar, especially possible security risks, catching them before they turn into incidents.
Creating Strategic Response Plans
Prevention alone is not enough – organizations must have prepared responses for all potential and likely emergency scenarios. No IT infrastructure is bullet-proof, so when a vulnerability is exposed, organizations must be able to react accordingly. This includes a set of standard operating procedures which cover the symptoms of any exposed vulnerability and how to address it in the most efficient manner possible, while following industry and regulatory standards for response and communication of threats to clients and stakeholders. Knowing that there are steps to follow allows people to act calmly and rationally during a time of considerable duress. Changes in cybersecurity are hard to keep up with, but preparation like this is crucial to keep your data and business safe.
IT security should be a top priority for organizations. It’s important to stay up to date as technology and cyber threats evolve. While not every threat or risk can be stopped, organizations should focus on prevention, detection, and their response plans when assessing their IT security strategies. Understanding existing security policies and areas of vulnerability, conducting regular audits, and having response plans in place all make mitigating an emergency much more trouble-free.