The Fight Against Cyber Threats Requires a Dose of Common Sense

It is widely known that common sense is not common. It is more frustrating when the approaches used by some organizations to prevent cyber attacks lack common sense. This article documents recent studies on how frequently large organizations scan their networks to spot vulnerabilities and improve their security posture. While zero-day attacks (malware introduced into cyberspace for which countermeasures have not been developed) constitute approximately 13% of all vulnerabilities (Ponemon Institute, 2014), the remaining 87% are well understood and countermeasures exist for preventing them. The article also identifies some of the complacencies of organizations in fighting cyber threats and provides some tips for protecting the information and communication systems that support both private and government organizations.

Current tools that merely alert the IT team to respond to information on cyber threats are insufficient to deal with the massive volume and sophistication of contemporary cyber threats. Cybersecurity solutions that stop, and may forecast, threats on the networks are therefore needed to address the limitations of hazard management tools. Recent efforts have led to the generation of large public databases of vulnerabilities at NIST and Symantec. But access to vulnerability databases is just the initial step in managing threats to the networks; it won't reduce the frequency of cyber-attacks or the harm they cause unless network administrators are equipped with security tools. Those efforts are not helped by the fact that several organizations and customers are slow to apply security updates.

Alarming statistics from market surveys: Reports released from recent research by two independent market research organizations on the frequency of full-network active vulnerability scans (a.k.a. credentialed scanning) supply some very disturbing statistics. The 2015 Cyberthreat Defense Report on 814 organizations by the CyberEdge Group and the 2014 poll of 678 US IT practitioners by the Ponemon Institute, LLC arrived at results regarding the complacency of several organizations. Their findings reveal the following active scan frequencies: Daily: 4%; Weekly: 11%; Monthly: 23%; Quarterly: 29%; Semi-annually: 19%; and Annually: 14%. A large number of organizations scan their networks to become compliant. The reports show that about 38 percent of those organizations scan their networks yearly. Organizations which claim to execute scanning perform scanning which does not offer a thorough picture of the vulnerabilities of their network elements. Even the most recent directive from the White House to government agencies to tighten security controls in response to the hack of the Office of Personnel Management (OPM) recommends that the agencies patch security holes in response to the list of security vulnerabilities supplied by the Department of Homeland Security every week (Lisa Rein, The Washington Post, June 16, 2015).

The need to focus on automation rather than relying on human capital: Scanning the networks generates a large number of vulnerabilities that have to be analyzed to gain intelligence about the network, otherwise known as Situational Awareness. Merely publishing the most vulnerable nodes and alerting the system administrator to respond is not effective. It makes no sense to expect the human mind to process over 300 vulnerabilities and apply the necessary countermeasures daily. Rather than lamenting the lack of personnel or cybersecurity experts, a substantial quantity of resources needs to be devoted to process automation. Rather than relying on humans to perform penetration testing after the vulnerabilities are identified, the focus should be on tools that automatically generate attack avenues and prevent attacks.

Defense in Depth: The idea of defense in depth is widely known by cybersecurity professionals and ought to be implemented. To protect or harden each node on the network, it is critical to employ five or more strategies: 1) Employ up-to-date anti-virus software that can purge both known and unknown malware; 2) Control the use of certain devices (like disabling the Bluetooth in your laptop) in public, particularly at airports and coffee shops; 3) Encrypt the hard disk and the media to protect stored data (lessons from Sony and OPM); 4) Control applications to prevent untrusted changes (e.g. SQL injection); and 5) Patch management to make sure the system is running the most current applications. Defense in Depth is called Host-Based Access Control in some quarters. Once the host has been protected, diligent efforts should be made to defend the network (i.e., connected nodes).

Concluding Remarks

Virtually every week, we read about the vulnerabilities of government and private networks and the substantial cost to the market, intellectual property, and the privacy of people. Many established companies and government agencies expend a significant amount of resources developing and deploying cybersecurity tools, yet the attacks persist. One may ask. While we know that the problem is hard, there are some essential steps that we need to take to address it. Weekly scanning of the network assumes that the hacker doesn't attempt to penetrate the network often. Are we comfortable allowing the hacker a week to roam the system? Controlling access to critical assets requires more than 2 or authentication. It makes sense to encrypt the data with a very strong encryption algorithm to make it difficult for thieves to use stolen information. Instead of lamenting the lack of cybersecurity professionals (which is true), focus on intelligent automation to reduce the level of effort needed to perform several mundane tasks. These steps are what this author calls common-sense approaches.