5 (Not So) Scary Infosec Questions to Answer this Halloween


It’s Halloween. Time for candy checking, cavities and the start of the retail season. 

And while attacks will rise around the holidays, don’t let the FUD machine get you too scared about things that go bump in the infosec night.

Here are five things that should actually concern you. They were easily what concerned me most with every infosec program I built and led. But if you’re able to answer them, you’ll find they’re not so scary after all. 

1) Are my accounts safe? Do you have MFA turned on everywhere possible?

“Turn on MFA now. Everywhere.” – Brian Beyer, CEO, Red Canary

Sure, SIM cloning and MFA have weaknesses, but are they worse than password weaknesses? Users are adopting various MFA options on mobile today for all kinds of services. If I had one thing to worry about, I would worry whether or not this project was completed. It is easily one of the biggest bangs for your buck in infosec. As Brian said at the Cb Connect 2018 Conference: “Just do it.”

2) Do I have the visibility I need to understand my changing conditions?

You need to put yourself on the most proactive footing you can afford. This starts by collecting the right data to make decisions as fast as possible. Can you detect in less than 15 mins? Can you determine root cause and remediate shortly after? If not, why not? Do you have a team trained and ready to combat the humans on the other side of the keyboard? If not, start to put yourself in a position to defend your systems. Where are my blind spots? I chewed on this particular question endlessly. Lots of late nights spent on this one.

3) Is my team spending more time managing systems than they are defending them?

Security can be cumbersome and require many systems. The cloud provides an answer to this by thinning out the infrastructure needed and allowing for simpler, faster deployments of capabilities. It’s scary the amount of time teams spend managing gear and not tuning it. It’s scary how much time we could save by looking to the cloud to achieve the same results faster. It’s scary to think we could get more proactive if we leveraged the cloud instead of managing all of this gear ourselves. Being able to leapfrog capabilities is also a key advantage over managing your own stack. Our organizations are generally giving us more money and people, but they aren’t giving us more time. We need to spend our time on high-value security activities, not getting into the IT business.

4) Can I cut through the noise and make the right decision for my organization?

It’s scary how many point solutions are out there. It’s a lot of money. We can’t afford to be wrong when it comes to a technology choice. The consequences range from a loss of political capital and project time to a complete lost effort that must be redone a few years later. Infosec teams and leaders need help cutting through this noise to make the right decision for their teams and organizations. Will the platform mature as your team and organization does? Does it stop what it says it’s supposed to stop? How much work goes into the project to achieve the desired outcome? Am I wrong? Is the team wrong? Did we miss something? Did I make an objective decision? These questions always scared me when I went to write large checks. Trust your partners more. Trust some third parties for objective results. Listen to your peers. Test for yourself!

5) When it’s “go time,” is my team ready? Is my organization?

Breaches will continue. They are the cost of doing business today. That being said, has your team prepared enough? Have they done exercises? Have you simulated adversaries that meet your threat profile? Is your business process ready? Is your incident response process? The question is not whether or not you need a plan. YOU DO. The questions are: “Have you prepared enough?” and “Have you tested it?” Train now to help lessen the fear of what happens during the event if you have never been through one.

Above all, remember not to fear. We ain’t afraid of no ghosts.

The post 5 (Not So) Scary Infosec Questions to Answer this Halloween appeared first on Carbon Black.
