Welcome to 2010. A new decade, for sure, but one likely to contain many of the traditional security problems that we have grown used to.
How would I rate the top three things you should be paying attention to as we begin the new year? Glad you asked. 🙂
1. Malware – malware is the current serious scourge of infosec. It is becoming increasingly clear that prevention is a losing battle. Detection is often not even up to par, so personally, I would be thinking about response. How can we leverage egress filtering, data leak protection and other controls in depth to limit the amount of damage that an infected machine can do? Can we perform alternative forms of detection, like HoneyPoints and HoneyBees to identify when things are “not quite right” in our environment? These approaches have a proven track record for helping. Check out the SANS CAG for more tips down this line of thinking.
2. Partner network connections – Are you sure they are secure? Do you treat them (and their traffic) like a DMZ? If not, get a move on, because the statistics show this is a major source of issues and data loss.
3. Do you have “production blinders” on? – Are all of your systems in scope for your ongoing assessments? You need at least monthly ongoing vulnerability assessments of every machine in your environment. Not just from the Internet, but also from the internal network(s). Why the inside too? Review point number 1. The inside is the new outside….. Give us a call to discuss assessments if you need help. Our GuardDog appliance can provide you with ongoing assessments that are affordable and results focused. Together, we can help you get to a comfort point where security is a manageable task.
Those are the big three. They are what I would focus on if I were a CIO or network manager. Welcome to 2010, where everything is different, except the things that aren’t. 🙂
PS – I hope you had a wonderful holiday season!