Recently, I attended DEF CON, the largest hacking conference in the world, and saw how cybercriminals can access anything under the sun. In session after session, I watched as everything from medical devices and cars to computers and the Internet of Things (IoT) were successfully infiltrated.
The entire time, our clients were top of mind, and I was thinking about what the best strategies were to protect them from everything I was witnessing. To help keep Arizona businesses secure, I wanted to share my top 3 IT security tips from the conference.
1. You Need to Adopt the ‘Assume Breach’ Mentality
“Assume breach” isn’t a new concept. It emerged about a decade ago in the cyber security community and represented a shift from traditional security thinking, which was largely focused on preventing attacks from being successful. The assume breach mentality adopts the premise that you’ll inevitably be the victim of an attack (if you haven’t been already), so your focus and investments should be on detection and response.
It’s a mantra we have been preaching to business owners for years but many companies, especially small and medium businesses (SMBs), have not made the necessary cyber security investment. This status quo cannot continue. After sitting through dozens of sessions over 4 days, it was very clear to me that the bad guys will be successful at compromising your systems if they try. Your objective is to figure out when they are where they shouldn’t be and kick them out as quickly as possible to minimize the damage.
This was my No. 1 takeaway from the event. SMB principals must adapt to this way of thinking. The saying goes “there are two types of companies in this world – those that have suffered a security breach and those that just don’t know it yet.”
2. Patch to Prevent Problems
When companies like Microsoft realize a flaw exists in a supported operating system, they release a patch. It then becomes your responsibility to update your hardware and software. A recurring theme in many of the presentations I sat through was how incredibly common it is for attackers to successfully exploit announced flaws in systems that hadn’t been updated.
Cybercriminals frequently capitalize on flaws because they know companies are not vigilant about installing security patches, changing insecure configurations or updating their systems. It is why we continually stress the importance of setting standards and procedures to manage and secure your systems. If you need to adhere to regulatory requirements, patching is necessary to maintain compliance.
Whether you’re a large corporation or small business, we recommend you regularly audit your environment to ensure you meet compliance. At itSynergy, our standard has been branded as SynergySafe and began over a decade ago during our work as subject matter experts on a project with Microsoft to define how to configure and run their technology in SMB environments. By reducing items like patching to a written checklist which is executed and audited regularly, we can ensure it is done consistently over time.
3. Trust but Verify in the Cloud
The very last session I sat through was titled “I’m In Your Cloud…Pwning Your Azure Environment.” “Pwning” is slang hackers use and means they have completely compromised your systems and have gained the ability to take any action they would like.
What was most interesting about this session was the observation the presenter made in the introduction. The speaker stated most people, including members of corporate IT security departments, have decided to give the cloud a free pass regarding cyber security. They assume their cloud-based systems are inherently secure and don’t ask questions of cloud vendors or push for heightened security.
The presenter then walked through a series of steps outlining how hackers can exploit Microsoft Azure’s configuration for malicious purposes. The demonstration was highly technical but the takeaway for business owners is simple: just because your data/systems are “in the cloud” –even if hosted with a big-name provider like Amazon or Microsoft – don’t assume all is well. You need to be more vigilant with cloud systems because they’re accessed over the internet and more readily available to bad actors.
IT Security Tip: Build Your Blue Team
In the security world there is a concept of a “red team” and a “blue team.” The red team is the offensive side of a cyber security breach, they’re the attackers. The blue team represents your IT experts on the defensive side of the equation. They’ll work for you to stop attacks from happening. When and if you are attacked, they’ll detect when a breach has occurred and kick the bad guys out as quickly as possible to minimize the impact.
In that sense, itSynergy is the “blue team” working on behalf of our clients. We attend conferences, like DEF CON, and closely follow industry developments to apply the latest security best practices to your business. We want you to be ready to stop an attack, have up-to-date, compliant systems and be confident in the security of your cloud-based solutions.
Ready to step up your security plan and build your blue team? Contact us today.