Finding Community Amongst The Chaos
IT & Security Professionals Come Together in Wake of Kaseya Breach
Why Was This Such Big News?
Why is this still happening?
Instead of Division, We Saw Unity
What Can We Take Away From This Event?
- Security will continue to be a major player in business operations for the foreseeable future. Companies who aren’t taking security seriously are just waiting their turn to be a target. And they will soon find out whether their business can survive the loss of data, shutdown of business operations, and the impact on credibility associated with a breach… in addition to the real cost of recovery.
- There is no silver bullet or one-size-fits-all tool to find or block these creative security events. Much like a carpenter uses a saw, sander, hammer, and chisel to do one job, an IT company will also rely on a series of tools. But even more importantly, a tool is just a tool, and the best security tool will be rendered useless if it isn’t deployed or configured correctly, updated & tested regularly, or evaluated against current real-world threats.
- No matter how prepared you are to detect or prevent an attack, backups and the ability to restore are critical in a time of crisis. When all else fails, you may have to rely on your backups to quickly restore business operations. When was the last time you verified your backup process and tested to ensure it would be successful if the survival of your business literally depended on it?
How Can Companies Prevent Being A Target in the Next Attack?
- “An ounce of prevention is worth a pound of cure.” In addition to technical controls that companies can and should be implementing to improve their cyber security posture, there are a series of administrative controls that are just as important. A crisis creates the perfect storm where reactive emotional responses can put a company out of business. You should never wait until an event occurs to document policies, procedures, and controls to aid in the case of an emergency. Your Business Continuity and Disaster Recovery Plans are not optional and should be reviewed & updated regularly.
- You must take a multi-layered approach to security.
- Vulnerability & patch management is critical to keeping your company off the radar of cyber criminals. They often search the internet for businesses running vulnerable software or hardware, which become low-hanging fruit that is easy to exploit. The best way to not show up in these scans is to be proactive and detect & resolve these vulnerabilities before they can be used against you.
- Zero Trust is not an easy concept to accept, but it is key in protecting against the attacks that we have not yet seen, like the recent supply chain attacks. The idea is to operate much like the old days of the firewall: everything is blocked by default and has to be enabled (or turned on) in order to function. Not trusting by default puts additional overhead on IT teams to verify changes to an environment (new application version, new or modified IP addresses, etc.), but it also provides protection against malicious changes that are pushed out without anyone suspecting them.
- Security Information and Event Management (SIEM) allows a company to monitor for active attacks and evaluate for Indicators of Compromise (IoCs). In the case of an attack, it is just as important to recognize a breach so you can mount an appropriate response and shut the attackers down, minimizing the exposure of your systems or data.
AlphaONE was created out of the necessity to give Small & Medium Businesses (SMBs) a fighting chance in the world of IT Security. We have services built around detection, remediation, and monitoring of your company’s assets and will be glad to work with you on a customized Security plan built around YOUR business. Give us a call (833-ALPHAONE or 334-245-3125) for more information on how we can help protect YOUR future!