There’s a great quote from George Costanza on Seinfeld: “…you can stuff your sorries in a sack, mister.” Basically, saying “I’m sorry” just doesn’t cut it sometimes. This post examines some situations where saying “I’m sorry” just won’t be enough.
Consider this: How much should an executive worry that inattention to security will cause damage to another person or organization? What if, by failing to implement proper security measures on your network, it becomes a tool that an attacker uses to damage someone else?
Network security can easily sit far down the list of challenges an executive normally thinks about; there’s always something more pressing. Most have reconciled themselves to a certain amount of risk to their own business where security is concerned. Their thinking goes like this: “I probably need to invest more in security for my network, but we’re not having any problems right now, so it’s on the back burner until there’s a better time.”
We all know that if you have a car and you drive around with bad brakes or threadbare tires, you are negligent and will be held accountable if you cause an accident. Even if your insurance covers it, the pain caused can be devastating.
Consider the very realistic scenarios below:
- One of the servers on your network has been used as a repository for illegal images and videos. The images are shocking, repulsive, and very harmful to all involved.
- Your CEO is acquainted with executives of several publicly traded companies. His email account was compromised and was used to trick them into revealing non-public information that impacted share prices. The hackers used this to make several million dollars in stock trades.
- Your network was compromised and used as a staging ground for an extortion scheme where a local firm’s data was encrypted and held for ransom. The hackers were from Eastern Europe. The local firm didn’t have a good backup, and had no choice but to pay the ransom.
The investigators show up and start asking questions:
- Did you know this was happening, and did you have any part in it?
- Have you taken any steps at all to secure your network?
- Have you ever conducted a security evaluation for your network?
- Did the system in question have the latest security patches and software?
- What best practices do you follow?
- Do you have any logs that could help identify who is responsible?
Avoiding an embarrassing and potentially damaging situation isn’t complicated and can be done within the constraints of your budget.
- Conduct some type of security assessment. Have someone check the network for weaknesses. There are various levels of assessment and tools that can be used, but even a quick check is better than nothing. Leverage your trusted partners to form a security team.
- Implement a formal program of patching and updates for your systems and software. This must happen continually; it’s not something you can do once and then not think about for a couple of months.
- Implement a program of network monitoring and logging. Gain visibility into what’s going on in your network.
- Adhere to the principle of “least privilege”. If someone doesn’t need access for their duties, they don’t have it.
- Implement a defense-in-depth strategy for your network that includes protection against zero-day attacks.
- Publish and adhere to formal security and acceptable use policies.
- Conduct education sessions for your team so they don’t fall prey to social engineering attacks, risky clicks, or other dangerous practices.
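The logging recommendation above is what lets you answer the investigators’ question about who was responsible. The following is an added example, not code from the original post: it parses a handful of constructed OpenSSH-style auth log lines (made up for this illustration, not taken from any real system) and flags a successful login that was preceded by a burst of failed attempts from the same source address. The threshold of five failures is an assumption chosen for the example.

```python
import re
from collections import defaultdict

# Constructed sample lines in the style of an OpenSSH auth log.
# They are made up for this example, not taken from a real system.
SAMPLE_LOG = """\
Mar 12 02:14:01 fileserver sshd[4120]: Failed password for root from 203.0.113.45 port 51022 ssh2
Mar 12 02:14:03 fileserver sshd[4120]: Failed password for root from 203.0.113.45 port 51023 ssh2
Mar 12 02:14:05 fileserver sshd[4120]: Failed password for admin from 203.0.113.45 port 51024 ssh2
Mar 12 02:14:07 fileserver sshd[4120]: Failed password for admin from 203.0.113.45 port 51025 ssh2
Mar 12 02:14:09 fileserver sshd[4120]: Failed password for backup from 203.0.113.45 port 51026 ssh2
Mar 12 02:14:11 fileserver sshd[4120]: Failed password for backup from 203.0.113.45 port 51027 ssh2
Mar 12 02:14:13 fileserver sshd[4121]: Accepted password for backup from 203.0.113.45 port 51028 ssh2
Mar 12 08:30:12 fileserver sshd[5012]: Accepted publickey for jsmith from 192.0.2.17 port 40211 ssh2
Mar 12 09:02:44 fileserver sshd[5099]: Failed password for jsmith from 192.0.2.17 port 40300 ssh2
Mar 12 09:02:50 fileserver sshd[5099]: Accepted password for jsmith from 192.0.2.17 port 40301 ssh2
"""

# Matches the sshd "Failed/Accepted <method> for <user> from <ip> port <n>" lines.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?:password|publickey) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse(log_text):
    """Yield (timestamp, result, user, ip) for every sshd auth line that matches."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield m.group("ts"), m.group("result"), m.group("user"), m.group("ip")


def attempts_by_source(log_text):
    """Count failed and accepted logins per source IP: the first thing an
    investigator asks for when trying to work out where access came from."""
    counts = defaultdict(lambda: {"failed": 0, "accepted": 0})
    for _ts, result, _user, ip in parse(log_text):
        counts[ip]["failed" if result == "Failed" else "accepted"] += 1
    return dict(counts)


def find_suspicious_logins(log_text, threshold=5):
    """Return one record per successful login that was preceded by at least
    `threshold` consecutive failures from the same IP (a brute-force pattern).
    The failure counter for an IP resets after each successful login."""
    failures = defaultdict(int)
    hits = []
    for ts, result, user, ip in parse(log_text):
        if result == "Failed":
            failures[ip] += 1
            continue
        if failures[ip] >= threshold:
            hits.append({
                "ip": ip,
                "user": user,
                "failures_before": failures[ip],
                "timestamp": ts,
            })
        failures[ip] = 0
    return hits


if __name__ == "__main__":
    for ip, c in attempts_by_source(SAMPLE_LOG).items():
        print(f"{ip}: {c['failed']} failed, {c['accepted']} accepted")
    for hit in find_suspicious_logins(SAMPLE_LOG):
        print(f"SUSPICIOUS: {hit['ip']} logged in as {hit['user']} at "
              f"{hit['timestamp']} after {hit['failures_before']} failures")
```

Run against the sample, the script reports 203.0.113.45 logging in as “backup” after six failed guesses, while the ordinary user who mistyped a password once is not flagged. None of this is possible if the server never kept its logs, or kept them only on the compromised host where an attacker could delete them, which is why the recommendation is a program of monitoring and logging rather than a one-off check.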
Hope this helps spur some thought; please let us know if we can be of assistance in making sure that your network is a safe, reliable, and productive platform for your organization.