How to Approach IT Security Like Homeland Security

How to Approach IT Security Like Homeland Security

How to Approach IT Security Like Homeland Security

By Karen A. Frenkel

Identify Your Endpoints

Take inventory of both your organization’s technical and physical processes. Endpoints, and the people who operate them, should all be within the scope.

Evaluate Your Assets

Whether your organization’s most valuable assets are mobile devices, computers or certain employees, know who and what to rely on in critical situations.

Understand Your Threat Landscape

Everyone within the organization should have a basic understanding of its unique threat landscape. Many data breaches are caused by unwitting security lapses. Today’s mobile workers often use their personal devices for work and vice versa. Good security overlays good business processes and reinforces them.

Understand Organizational Risk Tolerance

Various levels of protection are acceptable for different organizations. A health-care organization has different compliance regulations and security standards than credit unions, for example. Know what level of protection your organization needs.

Top-Down Approach

Top-down security goes hand-in-hand with understanding your threat landscape. Enterprise security issues should stay within the IT department’s walls; they must be supported from the top down. C-level executives must work together and become better educated about their organization’s cyber-security practices.

You Will Be Attacked So Be Prepared

No perimeter is impenetrable. Balance your perimeter, internal and high-value asset defenses; resources are not unlimited and trade-offs must be made.

Eliminate False Positives

The perimeter is dissolving, the end point is under assault, and IT is inundated with false positives. Spotting actual threats drain resources, yet threats are often discovered too late. If your organization doesn’t have the internal resources to sift through thousands of detected threats daily, employ a managed security solution that can.

Find and Address Vulnerabilities

Unpatched code is the conduit for 50% of successful attacks and insider threats, both deliberate and unintentional, contribute to an organization’s vulnerability. Create stricter access controls and initiatives aimed at mitigating insider threats. Security awareness training and education can greatly mitigate unintentional insider threats.

Collect and Store

A security operations element will rely heavily on data and observations as opposed to notifications, particularly during the building phase. In intelligence applications, the most useful data may not be identified in advance so it’s stored as much as possible. Unless you are sure you know what you need, it’s wise to cast a wider net.

Use Big Data Analytics

Big data analytics should be part of your security posture. Organizations need the ability to find patterns, and from that, anomalies, in their ongoing effort to defend their assets.

Invest in People

Spend money to hire and retain top talent, either internal or outsource. Technology-only solutions are becoming increasingly sophisticated, but humans are more efficient at a vast collection of tasks, such as determining if observed events in a potential victim’s environment are truly malicious, or simply benign activities.

Continually Test yourself

Once you have mastered these tips and during the build-up, test your systems. Don’t cop out with a cheap penetration test. Find a vendor who will really put your through your paces and simulate these tests as often as you can afford.