It’s every executive’s worst nightmare: becoming the next Target- or Anthem-style data breach headline. But aside from just hoping and praying that you won’t be the next victim, you can take some very practical and actionable steps to keep your organization safe and to ensure that, if you are breached, you’ll know right away.
Here are our top five tips for keeping your company out of the security headlines and in your customers’ good graces.
1. Know Your Vulnerabilities
One of the most important things you can do is have a realistic view of your organization’s vulnerabilities. It’s crucial to continuously monitor workloads for new vulnerabilities. Often, developers or other team members will install software that may or may not be pre-approved, and sometimes this can introduce vulnerabilities into your systems. Having a vulnerability management program in place that can identify these weaknesses will help you deal with them before it’s too late. Check out this post about why you need to “know” your workloads to stay secure.
Of course, not all security vulnerabilities can be fixed. Sometimes you just need to know how to mitigate and monitor. And you can’t do that unless you know what the vulnerabilities are, where they exist, and why they can’t be fixed. Here’s what to do when you can’t fix a security vulnerability.
2. Don’t Underestimate Insider Attacks
Insider threats are a lot more common than most organizations want to admit. The reality is, you don’t need to be a huge corporation or government, and you don’t need to have reams of top-secret data to be a target for an insider attack. According to the Ponemon Institute, insider activity is the most expensive ongoing threat, and it can cost companies an average of $144,542 each year.
In 2014, eBay made a splash in the headlines when 145 million of its users’ passwords and other data were stolen via a major insider attack. Hackers got in using the credentials of three eBay employees. Bad news for sure, but a good reminder that sometimes the call is coming from inside the house, and you need to be prepared.
That said, it’s also key to remember that not all insider threats are intentional; sometimes it’s a matter of users being careless or not fully understanding the rules. Regardless of intention, it’s important that your cybersecurity defenses keep this common type of attack in mind.
For more detail, here’s what you need to know about insider threats and how you should prepare.
3. Build Security Workflows That Work
Security point solutions can, in some cases, introduce more problems than they solve. When you have dozens of tools, employees with different directives, and unclear processes, security can quickly turn into a morass of complexity.
On the other hand, an efficient security organization is far less likely to overlook indicators of a major breach and thus far less likely to wind up in the headlines. So, if you want to keep your company off the naughty list, you need to spend some time making sure that your security workflows actually work.
In our view, it’s a matter of using a comprehensive, integrated cloud-native security platform like Threat Stack that incorporates all the key security functions into a single pane of glass. That way, you don’t have to spend valuable time toggling between tools trying to piece together disparate bits of information to paint the bigger picture. It keeps your workflows flowing so you can get back to the task at hand.
4. Keep Pace With the Rest of the Organization
Let’s get real: The rest of your business isn’t going to slow down to accommodate security. So if you want to ensure that your organization is running securely, you need to move as fast as everyone else, including DevOps-focused delivery teams.
Security-enabled DevOps is a mindset that can help you integrate security workflows into the broader production cycle. And it goes both ways: Integrating security operations into your existing DevOps workflows means both applying DevOps principles to security and incorporating security into the development and operational processes. Make sure your security team is directly involved in the development process from an early stage, and you can achieve velocity across the entire organization. You can read more about this in How to Apply DevOps Culture to Security.
5. Educate & Empower Employees
Finally, a major step that many organizations fail to take when it comes to security is educating and empowering employees. Remember what we said about insider threats earlier? Again, whether the threat is intentional or not, insiders can be a source of vulnerabilities if the right security precautions aren’t put in place.
As Snapchat learned the hard way, even tech-savvy employees need a refresher from time to time on common attack vectors like phishing emails. It’s a good idea to set up regular, in-person training sessions where employees are tested on their comprehension of where vulnerabilities can be introduced and how cyberattacks go down. Keep it lively and informational so people absorb the lessons, and be sure to use real-world examples, so employees understand that this isn’t just a hypothetical. Most of them don’t want to see your organization in the breach headlines any more than you do, and they certainly don’t want to be the source.
The Game Plan
Attacks are evolving every day, and it’s impossible to know where the next one aimed at your company will come from. That’s why security precautions like the ones outlined above are so critical.
An ounce of prevention is worth a pound of cure in the world of security. So button up your posture by making sure proper systems are in place. And make sure that the right knowledge is in place as well, extending across all operating groups and down to each individual so your employees can understand security risks and play a part in ensuring that your organization is secure.