By Admin / August 5, 2019
Some of the greatest threats to IT security and what businesses can do to address them.
Automating responses to security threats
Question: There’s a lot of talk about automating security to counter the automated attacks by bad actors on the internet. What are your views on this? Is automation enough?
Answer: It certainly helps to automate a response to known bad actors when we know them by reputation. This would include WannaCry, SQL Slammer, Petya/NotPetya, or any number of other viruses. Our virus and anti-malware applications have been doing that for decades.
We can also automate a response to known bad behaviors such as 400 log-in attempts in a minute. No one can type that fast, so we can be pretty sure that’s just some scripted bot doing a brute-force attack that pounds on your Active Directory to try to log in.
We know about these things and can and do automate responses to them to protect systems and data. It’s the unknown, those new attacks or approaches developed by someone with no reputation, that we need to fear. There isn’t much you can do to automate a response because you don’t yet know what to look for.
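The threshold rule mentioned above (400 log-in attempts in a minute), as an added example that is not from the interview or from TierPoint: a sliding one-minute window of failed log-ins per source address. The log format, the choice to count only failures, and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

THRESHOLD = 400                 # attempts per window, the figure used in the interview
WINDOW = timedelta(minutes=1)

def parse(line):
    """Constructed format: '<ISO timestamp> <source> <account> <FAIL|OK>'."""
    ts, source, account, result = line.split()
    return datetime.fromisoformat(ts), source, account, result

def detect_bursts(lines, threshold=THRESHOLD, window=WINDOW):
    """Return {source: time it first reached `threshold` failures within `window`}."""
    recent = defaultdict(deque)  # source -> failure timestamps still inside the window
    flagged = {}
    for line in lines:
        ts, source, _account, result = parse(line)
        if result != "FAIL" or source in flagged:
            continue
        q = recent[source]
        q.append(ts)
        # Drop failures that have aged out of the window relative to this event.
        while ts - q[0] >= window:
            q.popleft()
        if len(q) >= threshold:
            flagged[source] = ts
    return flagged

def sample_log(gap_ms=100):
    """Constructed events: one scripted source plus a user who mistypes a password."""
    start = datetime(2019, 8, 5, 9, 0, 0)
    events = []
    for i in range(450):         # scripted source, one failure every `gap_ms`
        when = start + timedelta(milliseconds=gap_ms * i)
        events.append((when, "203.0.113.7", f"user{i % 50}", "FAIL"))
    for i in range(3):           # human pace: failures seconds apart, then success
        events.append((start + timedelta(seconds=10 * i), "198.51.100.20", "alice", "FAIL"))
    events.append((start + timedelta(seconds=35), "198.51.100.20", "alice", "OK"))
    events.sort(key=lambda e: e[0])
    return [f"{ts.isoformat()} {src} {acct} {res}" for ts, src, acct, res in events]

if __name__ == "__main__":
    for source, when in detect_bursts(sample_log()).items():
        print(f"{source}: {THRESHOLD} failed log-ins within {WINDOW} by {when.isoformat()}")
```

Keying the window on the source address catches a single noisy client; the same counter keyed on account name would cover attempts spread across many sources against one user.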
Protecting against the unknown
Question: So, if you can’t automate against the unknown, what can companies do to protect themselves?
Answer: The IT security threat landscape is evolving so rapidly it’s hard for most organizations to keep up with known security threats. That’s where working with a managed security services partner like TierPoint can help. We have certified and experienced IT security professionals who spend all day keeping our customers’ systems secure.
But if you really want to build a strong IT security perimeter around your organization, you’re going to have to strengthen your weakest link. I hate to say it, but that’s probably the people in your organization.
Think about it. No automated system ever clicked on a link in a phishing email, but plenty of people who ought to know better do that every day. The reality is, no matter how much training you provide your people, you never know what they’re going to do, but that doesn’t mean you should stop trying.
That’s where we get into security hygiene. The average person brushes their teeth every morning before they go to work. It’s become a habit that most of us don’t even think much about. But it didn’t start out that way. If you grew up in my house, you learned to brush your teeth when you were about two or daddy did it for you. As you grew older, you realized that brushing your teeth properly saved you the pain and cost of getting cavities filled. Eventually, you may even get to the point where you realize that flossing daily can help you keep the teeth you have and that becomes a habit, too.
Good security habits are like that. Initially, we create IT security policies and force things like password management onto people. Or maybe we need to regularly remind them not to click on links in emails from unknown senders. It may take a combination of repetition, threats, security policies and automated procedures, but eventually, our goal is to turn these things into habits.