Accordingly, here are four New Year’s resolutions for the cybersecurity industry in 2017. If any of these items are not on your “to do” list for 2017, I would challenge you to add them.
1. Move Beyond Passwords
It’s time to stop using the username/password model for identity authentication. The pitfalls of passwords are very familiar to security professionals: Users employ the same username/password combination for all of their accounts, meaning that once hackers have it, they can potentially access all of a user’s accounts.
Unfortunately, stolen usernames and passwords are readily available online, thanks to many successful attacks in the industry. There are alternative ID verification methods, like multifactor authentication (MFA) and biometrics, already being used throughout the digital ecosystem; so let’s collectively resolve to put the insecurity and frustration of usernames and passwords behind us in 2017.
2. Make Sure the Security and Management Teams Understand Each Other
Want to avoid an awkward conversation this year? If you’re in cybersecurity and have previously created some sort of status update about your network’s security posture, go back and read it again; but this time, read it as if you were a layman or non-technical executive. If the report doesn’t give you a clear understanding of where network security is today, where it needs to be tomorrow, and what it will take to get there, you need to adjust the way you present your findings to better suit your audience.
3. Join a Threat Intelligence Sharing Group
The surge in cyberattacks in recent years has led to a tsunami of threat intelligence data that leaves most security organizations struggling just to keep up with the number of inbound threat alerts, let alone analyze them to identify the significance of their threat to the network. The only reasonable way to handle this much data is to automate the process of identifying threats, determining the proper fix and then implementing it. And to automate this process, the cybersecurity industry needs to work collectively and share the workload of analyzing threats and developing appropriate countermeasures.
There are many methods for sharing threat intelligence, be they the ad hoc sharing of threat data between industry colleagues or a company officially joining an organized industry consortium devoted to threat intelligence sharing, like the Cyber Threat Alliance. I’ll leave it to the reader to determine which approach makes sense for your organization, but this kind of collaborative effort is vital as the cybersecurity industry works to make our digital way of life secure and reliable.
4. Be Kind to Your Level 1 SOC Operator
The level one SOC operator, one of those often overlooked but vital professions, is literally on the front lines of the ongoing war between black and white hats in cyberspace. They are responsible for identifying and mediating cyberattacks before they occur, and in the case of a successful cyberattack, the first person to receive blame for it. If that pressure weren’t enough, they’re also the security team members tasked with managing the threat data tsunami described above. So the next time you see your favorite SOC operator, take a moment to tell him or her how much you appreciate their team’s work and how important it is to the ongoing success of your organization.
At the end of the day, any successful cybersecurity strategy will rely on being proactive and informed. As 2017 continues along, it’s important that the industry remember the teachable moments from the past to be ready in the future.
Victor Tavares is Senior Manager, Systems Engineering for Palo Alto Networks.
SAMSUNG GALAXY S8 PLUS
The Samsung Galaxy S8 Plus is a beautifully crafted smartphone with nearly no bezel, curvaceous in design and reflects a…
How to: Connect to Exchange Online Using Multi-Factor Authentication
Using PowerShell to manage your Microsoft cloud services like Exchange Online and using multi-factor authentication (MFA) separately is awesome. Using…