Dean Sysman - CEO/Co-Founder at Axonius. Previously Co-Founder/CTO at Cymmetria, Intelligence Officer, Forbes 30Under30 Israel 2017. posted on 05 Jun 2019
Every facet of the cybersecurity landscape seems daunting and intimidating. There’s news of mega breaches daily, along with newly found exploits and an ever-expanding attack surface. Couple that fear with the thousands of bleeding-edge cybersecurity products that border on science fiction, and it’s understandable that organizations feel both lost and hopeless. But all is not lost.
In this article, I’ll highlight five cybersecurity basics every company should prioritize today to put them in the best position to keep their information safe.
Back To The Basics
Between the explosion in the number and types of devices security teams are responsible for and the increase in attacks and breaches, it’s no surprise that the enterprise cybersecurity market will be worth an estimated $300 billion by 2024, according to Global Market Insights. Yet, despite the massive opportunity and the constant innovation from cybersecurity vendors, a surprising trend is emerging that seems unique to security professionals: a return to the fundamentals of cybersecurity.
At this year’s RSA Conference, my company, Axonius, was fortunate to be selected as one of 10 finalists in the prestigious Innovation Sandbox, a contest that names the “Most Innovative Startup” of the year. Up against such amazing technologies as homomorphic encryption, fraud and abuse prevention, attack protection for Linux, and AppSec automation, the judges picked a decidedly unsexy company as the most innovative. From Patrick Heim, CISO and Operator at ClearSky:
“More and more I think CISOs are looking at back to basics. What are the fundamentals we have to fix from an infrastructure perspective first before we worry about ninjas facing us with APTs and zero-days? There are some basic things you have to solve first.”
I couldn’t agree more. As security defenses become more sophisticated, attackers are increasingly opportunistic, looking to exploit lapses. It’s time to turn our focus to the fundamentals of security hygiene and shore up those foundational basics.
So, which basics are most important? Here’s my take:
1. Know Your Assets
You can’t secure what you don’t know about. Ensuring that you have a comprehensive asset inventory (laptops, desktops, servers, cloud instances, mobile devices, virtual machines, etc.) is the first step in any cybersecurity program — see CIS Controls 1 and 2.
As a first step, establish an ongoing asset discovery process, and then classify each asset in a repeatable process to make sure nothing slips through the cracks.
2. Close The Coverage Gaps
It’s inevitable that along the way, despite implementing the best solutions possible, you’ll find devices that are missing security coverage. These could be assets that:
• Never had the correct security solutions installed in the first place.
• Had the right solutions implemented, but a local admin shut them off.
• Had security solutions disabled due to malware.
After taking full inventory of all the assets you have, you’ll gain a better understanding of where the security holes are. With this kind of visibility, you can specifically identify and effectively address these gaps.
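As an added illustration (not code from the article or from any product), the sketch below merges asset records from two discovery sources into one inventory and compares it with an endpoint agent console to find coverage gaps. All hostnames, MAC addresses, field layouts and the seven-day silence threshold are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data: exports from two discovery sources and one agent console.
NOW = datetime(2019, 6, 5, 12, 0)
DISCOVERED = [  # (source, hostname, mac)
    ("dhcp", "LT-0142", "AA:BB:CC:00:01:42"),
    ("dhcp", "srv-db01", "aa:bb:cc:00:02:01"),
    ("cloud", "srv-db01.corp.example", "AA-BB-CC-00-02-01"),
    ("cloud", "web-7f3", "aa:bb:cc:00:03:07"),
    ("dhcp", "kiosk-9", "aa:bb:cc:00:04:09"),
]
AGENTS = [  # (mac, service_running, last_checkin)
    ("aa:bb:cc:00:01:42", True, NOW - timedelta(hours=2)),
    ("aa:bb:cc:00:02:01", False, NOW - timedelta(hours=1)),
    ("aa:bb:cc:00:03:07", True, NOW - timedelta(days=21)),
]
MAX_SILENCE = timedelta(days=7)  # assumed policy threshold, not from the article

def norm_mac(mac):
    """Normalize MAC notation so the same device matches across sources."""
    return mac.lower().replace("-", ":")

def build_inventory(discovered):
    """Merge records from every source into one asset entry per MAC address."""
    assets = {}
    for source, host, mac in discovered:
        entry = assets.setdefault(norm_mac(mac), {"names": set(), "sources": set()})
        entry["names"].add(host.split(".")[0].lower())
        entry["sources"].add(source)
    return assets

def coverage_gaps(assets, agents, now=NOW):
    """Return {mac: reason} for every asset without working agent coverage."""
    by_mac = {norm_mac(m): (running, seen) for m, running, seen in agents}
    gaps = {}
    for mac in assets:
        if mac not in by_mac:
            gaps[mac] = "agent never installed"
            continue
        running, seen = by_mac[mac]
        if not running:
            gaps[mac] = "agent installed but stopped"
        elif now - seen > MAX_SILENCE:
            gaps[mac] = "agent silent past threshold"
    return gaps

if __name__ == "__main__":
    inventory = build_inventory(DISCOVERED)
    for mac, reason in sorted(coverage_gaps(inventory, AGENTS).items()):
        print(sorted(inventory[mac]["names"])[0], mac, reason)
```

A stopped or silent agent does not say whether an admin or malware disabled it; the report only tells you which devices to investigate.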
3. Regularly Audit User Access
Keeping track of user permissions is another critical, foundational basic of cybersecurity. Ask yourself questions such as:
• Do I have users with passwords set to never expire?
• Are there service accounts with admin access to the entire kingdom?
• Have I been diligent about retiring accounts from users no longer at my organization?
No matter how tight you believe your controls to be, it’s essential to establish an ongoing auditing process to validate and enforce these controls. Less is more when it comes to giving employees access, even with the best intentions.
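The three audit questions above can be turned into a repeatable check. The following is an added example, not code from the article: it runs one rule per question over a constructed account export, and the field names, group name and employee IDs are assumptions rather than a real directory schema.

```python
# Constructed sample data; field names are assumptions, not a real directory schema.
ACTIVE_EMPLOYEES = {"E100", "E101"}   # employee IDs from the HR roster
ADMIN_GROUPS = {"domain-admins"}      # groups treated as admin-level

def acct(name, kind, groups, never_expires, enabled, owner):
    """Build one account record in the shape the rules below expect."""
    return {"name": name, "kind": kind, "groups": set(groups),
            "pwd_never_expires": never_expires, "enabled": enabled, "owner": owner}

ACCOUNTS = [
    acct("alice", "user", ["staff"], False, True, "E100"),
    acct("bob", "user", ["staff"], True, True, "E101"),
    acct("carol", "user", ["staff"], False, True, "E077"),   # owner has left
    acct("dave", "user", ["staff"], True, False, "E050"),    # left, already disabled
    acct("svc-backup", "service", ["domain-admins"], True, True, "E100"),
]

# One rule per audit question; each predicate receives an account record.
RULES = [
    ("password never expires", lambda a: a["pwd_never_expires"]),
    ("service account with admin rights",
     lambda a: a["kind"] == "service" and bool(a["groups"] & ADMIN_GROUPS)),
    ("owner no longer employed", lambda a: a["owner"] not in ACTIVE_EMPLOYEES),
]

def audit(accounts):
    """Return {account name: [findings]} for enabled accounts that break a rule."""
    report = {}
    for a in accounts:
        if not a["enabled"]:
            continue  # disabled accounts cannot log in, so they are not findings
        hits = [label for label, broken in RULES if broken(a)]
        if hits:
            report[a["name"]] = hits
    return report

if __name__ == "__main__":
    for name, findings in audit(ACCOUNTS).items():
        print(f"{name}: {', '.join(findings)}")
```

Because the rules live in a table, adding another policy check is one more entry, and the script can run on a schedule instead of relying on a manual review.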
4. Validate Your Security Policy
You’ve discovered and tracked your assets, closed coverage gaps and have user access locked down. What’s next?
Any security policy on paper is only as good as its enforcement in reality. Implement an ongoing process to validate that your security policy is always being adhered to, so you know any time something isn’t as it should be. This is the only way to address and fix exceptions before they are exploited.
5. Automate As Much As Humanly Possible
I cannot possibly stress this enough: Once you’ve established your “back to basics” processes, automate as much as is feasible. Don’t rely on reminders — they stop being effective as soon as another priority arises (which is inevitable). Automation will reduce human error and will free up your valuable cybersecurity staff to do more meaningful work. I won’t go on about how that will increase engagement, retention and career satisfaction (plenty of others have written extensively on the subject).
The cybersecurity landscape is full of innovation, and returning to the basics may seem counterintuitive. But if you’re able to nail down the foundational elements, you can spend more time advancing your security program without that nagging thought that you may have missed something.