Prepare for 2022 and beyond (Part 2)

In our previous release, we discussed how perimeter defence and good cyber hygiene can help protect organisations from contemporary cyber security challenges. In this episode, we explore additional security considerations for 2022 and highlight some key calls to action.

Real-time endpoint performance monitoring and configuration management

Most businesses underestimate the importance of performance monitoring, while IT operations tend to focus on performance monitoring and availability. Traditional endpoint management and security tools scan devices for conformity or security vulnerabilities regularly (typically monthly but at times weekly) or on demand.

Although performance monitoring is a feasible way to determine when a system fails or needs maintenance, it can also identify anomalies that imply a potential ransomware attack. Another foundational building block for effective and proactive cybersecurity is configuration management.

Configuration management provides IT and security teams with a single pane of glass view to track and manage all parts of the network, encompassing hardware, endpoints, appliances, network devices, and software. By recognising the relationships and configuration of each endpoint, IT and security operations teams have greater visibility and unity across the organisation. In addition, by adopting a security platform approach, security operations personnel can identify, find, and fix an anomaly before it becomes a problem. Also, organisations can investigate why the anomaly appeared in the first place, which potentially uncovers and tracks a previously unknown bad actor.

Patching and updates

Hackers are always on the lookout for security flaws, also known as software vulnerabilities. A software vulnerability is a security loophole found in a software program or operating system. Hackers take advantage of these weaknesses by writing code that targets them.

From an IT operations perspective, software life-cycle management allows visibility into the warranty, service status, and software patch/upgrade compatibility. However, this process has been significantly impacted with remote working in place, with software and operating systems missing their patch cycles, eventually resulting in a considerable backlog of updates.

Non-compliant endpoints with outdated software and patches present a significant cybersecurity risk to the overall organisation. With network visibility and a single interface for security, compatibility, and compliance, organisations can curb their system and business disruption risks while protecting all corners within the estate. Computer hardware and software updates are frequent, and these updates address security risks for the most part. Before COVID-19, patching was one of the most manageable steps security teams could take to reduce risk. However, as the workforce became more distributed, patching and updates became increasingly challenging. For a business to remain compliant, it is essential to have a security platform that identifies, controls, and manages all endpoint assets regardless of location.

Data privacy and risk management

The need to protect data and privacy is at the heart of every IT operations and cybersecurity programme.

The future of cyber warfare is here, and the main prize is information. Most successful cyberattacks exploit:

  • Failures to patch known vulnerabilities
  • Misconfigured firewalls or network infrastructure
  • Unsecured databases; or
  • Social engineering malware

By taking a holistic, platform-based approach to security, organisations can close the gaps from a compliance, patching, and deployment perspective and identify or reveal what shouldn’t make it through the cracks. For example, a recent study found over 75% of firewalls are misconfigured, as a result of bring-your-own-device (BYOD) policies and requests from senior executives for specific access to non-sanctioned systems or services. Circa 80% of endpoint devices, such as laptops and IoT equipment, have limited or no protection, with 30% of these devices using default or weak passwords. Lastly, over 55% of remote employees use corporate credentials to register for online and personal e-commerce services, which introduces a myriad of data risk and privacy management challenges for their employers.

Call to action

2022 will not be any easier for security professionals than 2019 & 2020. However, forward-thinking organisations are putting systems and processes in place to ensure they are ready for whatever comes next.

Pulse Integra recommends you:

  1. Ensure you have an efficient patch & vulnerability management programme. This is paramount, especially in today’s security environment. Even today, the majority of businesses do not keep track of the systems that have been patched, systems that need to be patched, and most importantly, systems that should or shouldn’t be on their networks in the first place.
  2. Understand the threat landscape. It is crucial to understand which devices and endpoints reside within your network. It is also essential to understand the threat landscape, where your devices live, and internal and external threats that can harm your business.
  3. Develop a plan to protect your customers’ data and privacy. Organisations that secure their customers’ data and privacy will thrive going forward. Having a single platform for managing privacy, security, and data integrity is an effective step for covering all aspects.
  4. React quickly once your organisation is compromised. Whilst it is difficult to deter sophisticated nation-state attacks, the key is how an organisation reacts. The ability to respond swiftly to whatever is next is vital to safeguard infrastructure, data, and endpoints. Therefore, turn decentralisation and scale into an advantage in the work-from-anywhere era.
