It is widely understood that common sense is not common. It’s more frustrating when the procedures used by several organizations to prevent cyber attacks lack the use of common sense. Recent research are documented by this article on the frequencies at which organizations that are large that are many scan their networks to spot vulnerabilities and increase their security posture. While zero-day strikes (malware introduced to the cyberspace for which countermeasures have not been developed) constitute approximately 13% of all the vulnerabilities (Ponemon Institute, 2014); the remaining 87 percent are well known and countermeasures exist for preventing them. The article explains a number of the complacencies of several organizations in fighting cyber threats and provides some tips for protecting the information and communication systems which support private and government organizations from cyber attacks.
Current tools which just alert the IT team to respond to information on cyber threats are insufficient to deal with the massive volume and sophistication of contemporary cyber threats. Therefore cybersecurity solutions which can forecast and stop threats on the networks are required to address the limitations of traditional hazard management tools. Recent attempts to secure the cyberspace have resulted in generating big public databases of vulnerabilities in NIST and Symantec. Access to vulnerabilities databases is the initial step in threats to these networks, but it will not reduce the frequency and damages brought on by cyber-attacks unless network administrators are equipped with security tools. Those attempts are not being helped because organizations and consumers are slow to employ printed security upgrades.
Alarming data from market surveys: Published reports from recent studies by two independent market research organizations on the frequency of full-network active vulnerability scans (a.k.a. credential scanning) provide some rather disturbing statistics. The 2015 Cyberthreat Defense Report on 814 associations by the CyberEdge Group along with the 2014 poll of 678 US IT Practitioners by the Ponemon Institute, LCC arrived regarding many organizations’ complacency at very similar results. Their findings show the following Annually: 14%: 4 percent; Weekly: 11%; Monthly: 23%; Quarterly: 29 percent; Semi-annually: 19 percent; and active scanning frequencies: Daily. A significant number of organizations scan their networks to be compliant with Government regulations with very little attention to risk management. The reports show that about 38% of these associations scan their networks . Organizations which promise to execute constant scanning perform scanning that does not offer a detailed picture of the vulnerabilities of the network components. Even the most recent directive from the White House to government agencies to tighten security controls in reaction to this hack of the Office of Personnel Management (OPM) urges the agencies patch any security holes in reaction to the record of security vulnerabilities provided by the Department of Homeland Security every week. (Lisa Rein, The Washington Post, June 16, 2015).
The need to focus on automation rather than relying on human capital: Scanning the networks generates a massive number of vulnerabilities that must be analyzed to gain intelligence about the system otherwise called Situational Awareness. Alerting the system administrator to react and publishing the nodes that are most exposed isn’t effective. It makes no sense to anticipate the mind to process over 300 vulnerabilities without anticipating a brain freeze, and employ countermeasures every day. Rather than lamenting on the shortage of personnel or cybersecurity experts, a significant amount of resource has to be devoted to processing automation. Instead of rely to perform penetration testing following the vulnerabilities are identified, tools that create possible attack paths and prevent attacks ought to be the focus. Moving IT Forward – Enterprise IT Solutions | ProSphere
Defense in Depth: The idea of defense in depth is widely understood by cybersecurity professionals and should be applied. Harden or to shield each node on the community, it’s essential to employ at least five strategies. I) Employ up-to-date anti-virus software that may purge both known and unknown malware. 2) Control the use of certain devices (like disabling the blue tooth on your notebook ) in public especially in the airports and Coffee stores; 3) Encrypt the hard drive and the media to protect stored data (lessons from Sony and OPM); 4) Control software to prevent un-trusted changes (e.g. SQL injection); and 5) Patch management to make sure the system is running the most current software. Defending in Depth is called Host-Based Access Control in certain quarters. Once the host was protected, diligent efforts should be forced to defend the community (i.e.( connected nodes).
Almost every week, we read concerning the vulnerabilities of the government and private networks and the substantial cost to the economy, intellectual property, and privacy of all people. Government agencies and many established companies expend a substantial amount of funds deploy and to develop cybersecurity tools, yet the attacks continue. Why one may ask. While most of us understand that the issue is hard, there are some steps that we will need to take to address the issue. Weekly scan of this network assumes the hacker does not try to penetrate the network often. Are we comfortable to allow on the network for a week to roam? Controlling access to assets that are critical need more than two or authentication. Encrypting the information with a encryption algorithm to make it very difficult for the thieves to use stolen information makes sense. Instead of lamenting on the shortage of cybersecurity professionals (which is true), concentrate on intelligent automation to reduce the degree of effort for doing several mundane tasks. Those measures are what this writer calls approaches.