Posted on October 4, 2022 by S.L. Sweet
In the mind of a CISO, endpoints are the weakest link, and sometimes even invisible. Companies of all sizes have learned the difficult lesson of what happens when you don’t take precautions and aren’t vigilant.
As my colleague, Ken Morford, wrote recently: There is no such thing as a “little” hack.
You can do more than create a robust strategy that includes disaster recovery, backups, and business continuity planning. You can possibly avoid the disaster altogether by constantly ensuring you know where your endpoints are and protecting them well.
Step 1: Establish a Security Posture
I think the first step in establishing a strong security posture is understanding what’s in scope. You need visibility and a deep understanding of what’s active in your environment. Skip this step, and you may well face harsh consequences.
You’ve got to establish a single source of truth about the state of endpoints—every laptop, every IoT-enabled appliance, every BYOD machine—that IT operations and security teams can rally around. Because the risks are high: a single employee’s laptop can offer a bad actor a way in, and there’s no need for thieves to break into buildings physically when there’s an internet-connected HVAC system.
Step 2: Investigate and Remediate
Next, you’ve got to investigate and remediate security incidents precisely and fast. If—or should I say "when"—an incident does occur, you want to rapidly isolate the affected individual machine(s) from your other devices so that the issue can’t propagate throughout the network. You want to reduce the impact on the business and your security team.
Along with these first two actions, it’s essential to develop a cadence of good IT hygiene. This includes meeting compliance standards, user training, and enforced password and patch policy. Importantly, it also includes mitigating the risk of future disruptions by assertively managing and maintaining the health of endpoints.
Step 3: Know Your Score
These steps are perhaps the obvious approach to resolving security risks. But it’s also vital to gain comprehensive visibility and control over cyber-risk on the endpoint. You can take advantage of recent strides in artificial intelligence by employing tools that use algorithms to classify endpoints or devices and assign a risk score.
This approach helps to ensure that you get a real-time view of risk posture across your organization. You’ll be using endpoint data not only to minimize risk but also to increase alignment to strategic business initiatives and reduce tool complexity for IT teams.
Of course, the steps we’ve outlined today sound reasonable—if you live in a bubble where cost is not an issue and skilled cybersecurity talent is available when you need it. The truth is, according to (ISC)², the size of the cybersecurity workforce is 65% below what it needs to be.
And if you’re like most CIOs or CISOs, you’ve spent the past decade adding point solutions as threats emerged. Like a tech version of whack-a-mole, IT departments with many vendors and different solutions for each issue are adding to the complexity of the environment and making it difficult to keep up with the latest dangers.
This struggle with time and resource constraints can lead to a lack of capacity to solve IT issues quickly. Even using vendors can be problematic if you end up with too many—managing myriad vendors takes time and money.
Let’s start the conversation.
Fusion Connect is committed to providing future-proof solutions for customers. Let’s talk about Fusion Connect’s security solutions that best meet your business needs. Call +1 888-530-2574.