- Security Policies
- Patch Management
- Vulnerability Scanning
- Threat Intelligence
- Risk Management
When it comes to traditional approaches to cyber security, a checklist of items comes to mind. For the purpose of this post, I have listed the first seven that came to mind from regulatory compliance audits.
Firewalls are configured with specific criteria to block or prevent unauthorized access, malware, and computer attacks on a network. Security policies will prescribe password characteristics, strength and expirations. Antivirus is designed to keep computer devices clean from malicious software (malware) such as viruses, worms, and trojans, and is commonly deployed on computer and smartphone users’ devices as the last line of defense against cyber threats. Updating patches must be continuous as the threat landscape continues to evolve. These are the basic definitions for these basic controls that protect network and computers from the cyber threat.
In a recent case, analysis of a vulnerability scan to a server revealed that 60% of the critical and high findings would have been remediated simply by patching. How can an organization not be taken down by the hostile internet when patches are not kept up to date? The answer on the surface is the device is behind a firewall, its IP address is not publicly visible and it does not have direct user access. Cyber security is not a separate security approach but rather the integration into traditional security risk management.
Cyber security does not mean additional large scale technological investments but rather due consideration as part of an organization’s risk management framework. Security is about people, processes and when feasible technology to assist.