February 2, 2018
Ed Snodgrass, CISO, Secure Digital Solutions
Are you thinking about your 2018 cybersecurity roadmap? Before you begin let’s look at the year prior.
2017 was a busy year for cybersecurity professionals and the organizations they’re chartered to protect.
Attack surfaces increased significantly due to the rapid expansion of cloud infrastructure and cloud-based services and applications, data center virtualization, and the addition of millions of connected devices, forcing companies to extend their security posture externally in an attempt to protect an ever-dissolving perimeter.
2017 also saw a huge increase in the commoditization of ransomware. Ransomware-as-a-service and malware-as-a-service can now be purchased on the dark web in addition to a service known as fully undetected that allows cybercriminals to upload code and malware to an analysis service for a fee. Upon completion of the analysis service, uploaders receive a report detailing whether commercial security technologies can detect it, allowing for refinement of the malware to better defeat security tools employed by a targeted organization.
Security ‘housekeeping’ suffered significantly in 2017. Inefficient/ineffective patching and failure to sunset potentially vulnerable legacy apps and processes contributed to the vast number of exploits that targeted known vulnerabilities. WannaCry targeted vulnerabilities for which the respective vendors had already released a patch. On its heels, Petya targeted the same fixable vulnerability.
Bottom-line? Cybersecurity is a tough gig – at every level. There are, however, some things that can make a difference in terms of creating and enhancing an effective cybersecurity strategy despite the dynamic landscape. I recently read an article about cybersecurity in 2018 that quotes, among others, Lenny Zeltser, Vice President of Products at Minerva in which he talks about some of the cybersecurity strategy ‘difference makers’. While I could provide my take, I think Lenny does it extremely well. He suggests the following:
- Evaluate the gaps that exist in the current security controls and processes.
- Determine if there is any additional protection to be gained through configuration of existing security tools or implementing controls and features that aren’t currently being used in the products you already have.
- Consider whether any new security investment adds unique value and ensure that it doesn’t simply overlap existing security controls.
Our team here at TrustMAPP agrees that the three points highlighted by Mr. Zeltser are key to having a successful security strategy. This is why we’ve done our part in automating cybersecurity program strategy activities, improvement tracking, and reporting.
Learn more about TrustMAPP, and find out about our upcoming demos and offers at www.trustmapp.com