Kristopher Peterson, GSEC
Technology has unlocked innovative ways for businesses to discover and service markets, identify and reach new customers and control inventories and processes. However, technology has also increased the attack surface through which businesses may be vulnerable. The manufacturing and retail industries, now more than ever, must rise to meet these challenges and defend against both external and internal threats to protect their data and the information of their clients.
Businesses are only as secure as their weakest link. Often, that might be an unsupported web server, a phone system with default settings, or a vulnerable employee. So many components of the manufacturing industry now include technology that managing them all requires a staff of knowledgeable and proactive professionals. These technicians, engineers and analysts spend much of their time trying to keep up with day-to-day operations to ensure that employees can perform their normal functions.
How often does IT ask where confidential data lives or where an attacker might be able to find unencrypted credit card numbers or social security numbers? Is there already a widening gap between secure practices and how the business has grown comfortable operating?
Often, we become accustomed to the ‘if it isn’t broken, don’t fix it’ mindset, which you won’t find in any best practice or standard operating procedure. Day-to-day operations are never questioned, but as they evolve week to week, month to month and year to year, they may begin to put distance between departments and security practices. Some employees and managers don’t see themselves as the owners of the data and instead believe it is up to IT to know what is important and how best to protect it. It has become increasingly critical that organizations invest in continually evaluating their risks through a variety of strategies, starting with adhering to simple steps.
Center for Internet Security (CIS) Top 20 Critical Security Controls
The Center for Internet Security (CIS) Top 20 Critical Security Controls (previously known as the SANS Top 20 Critical Security Controls https://www.cisecurity.org/controls/ ) is a prioritized set of best practices created to stop the most pervasive and dangerous threats today. It was developed by leading security experts from around the world and is refined and validated every year. While being compliant leads to a more secure operating environment, there is no silver bullet for security. However, following these controls can significantly reduce the chances of a compromise.
CIS recommends that all businesses adhere, at a minimum, to the first five critical controls to eliminate the vast majority of your organization’s vulnerabilities.
- Inventory of Authorized and Unauthorized Devices – Actively manage all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanaged devices are found and prevented from gaining access.
- Inventory of Authorized and Unauthorized Software – Actively manage all software on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation or execution.
- Secure Configurations for Hardware and Software – Establish, implement and actively manage the security configuration of laptops, servers, and workstations using configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings.
- Continuous Vulnerability Assessment and Remediation – Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, remediate, and minimize the window of opportunity for attackers.
- Controlled Use of Administrative Privileges – The process and tools used to track/control/prevent/correct the use, assignment, and configuration of administrative privileges on computers, networks, and applications.
The top five controls give an organization visibility into what technology is used, what vulnerabilities exist and who has permissions to access that information. They provide a general level of visibility into the working gears of the business and help to establish a baseline. This baseline can empower both IT and employees to identify what is ordinary and what is out of the ordinary.
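An added example, not part of the original article or of the CIS guidance: a minimal baseline comparison for Controls 1, 2 and 5 that flags devices, software and administrator accounts deviating from an approved inventory. The snapshot layout, hostnames, MAC addresses, package names and accounts are all constructed for illustration.

```python
# Added example: compare an observed snapshot against an approved baseline.
# All hostnames, MACs, package names and accounts below are constructed.
import re

def norm_mac(mac):
    """Normalize a MAC address so 'AA-BB-..' and 'aa:bb:..' compare equal."""
    digits = re.sub(r"[^0-9a-f]", "", mac.lower())
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def diff_baseline(baseline, observed):
    """Return deviations from the baseline, grouped by control."""
    known = {norm_mac(m): h for m, h in baseline["devices"].items()}
    seen = {norm_mac(m): h for m, h in observed["devices"].items()}
    findings = {
        # Control 1: devices on the network that nobody authorized,
        # and authorized devices that were not seen in this snapshot.
        "unauthorized_devices": sorted(set(seen) - set(known)),
        "missing_devices": sorted(set(known) - set(seen)),
        "unauthorized_software": {},
        "unapproved_admins": {},
    }
    for host, installed in observed["software"].items():
        # Control 2: a host with no baseline entry has no approved software.
        extra = set(installed) - set(baseline["software"].get(host, []))
        if extra:
            findings["unauthorized_software"][host] = sorted(extra)
    for host, admins in observed["admins"].items():
        # Control 5: assumes account names compare case-insensitively.
        approved = {a.lower() for a in baseline["admins"].get(host, [])}
        extra = {a.lower() for a in admins} - approved
        if extra:
            findings["unapproved_admins"][host] = sorted(extra)
    return findings

BASELINE = {
    "devices": {"00:1A:2B:3C:4D:5E": "pos-01", "00:1A:2B:3C:4D:5F": "web-01"},
    "software": {"pos-01": ["pos-client"], "web-01": ["nginx", "openssl"]},
    "admins": {"pos-01": ["itadmin"], "web-01": ["itadmin"]},
}
OBSERVED = {
    "devices": {"00-1a-2b-3c-4d-5e": "pos-01", "de:ad:be:ef:00:01": "unknown"},
    "software": {"pos-01": ["pos-client", "remote-desktop-tool"]},
    "admins": {"pos-01": ["ITAdmin", "jsmith"]},
}

if __name__ == "__main__":
    for kind, items in diff_baseline(BASELINE, OBSERVED).items():
        print(kind, items)
```

In practice the observed snapshot would come from whatever discovery, software inventory and directory tooling the organization already runs; the comparison logic stays the same.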
Being able to identify activity or behavior that is out of the ordinary is the only way in which malicious behavior can be detected and then acted upon. Having the ability to step back and view systems and applications from an outside viewpoint is also a skill that does not necessarily come easy to someone who is entrenched in the existing environment. It is times like these when an outside viewpoint or a fresh set of eyes can provide remarkable value.
How BlumShapiro Can Help
BlumShapiro Consulting can offer a fresh perspective of the challenges and risks that your organization faces by evaluating people, processes and technology through a number of consulting methodologies. Our staff is uniquely equipped to assist with the initial steps of identifying and assessing potential weaknesses through risk and vulnerability assessments. The assessments conclude with a customized and actionable report suitable for both technical and non-technical audiences that identifies immediate opportunities for improvement. Let us help you achieve visibility into your current security posture and help you gain the comfort of knowing that you’re prepared to meet any challenge.