08/26/2021
It’s no secret that data breaches and other cybersecurity threats are in the news on a regular basis.
Many of our clients and other companies are growing increasingly concerned about managing these risks. Through recent work with clients in this space, we’ve found a number of best practices that can help companies implement and enhance their cybersecurity strategy. A proactive approach can help manage and mitigate the risks to data security that arise when sensitive customer data is breached and exposed. It will also help confront the threats that ransomware poses to business continuity, as we’ve seen with the recent attacks on the Colonial Pipeline and the JBS meat processing plants.
Below, you’ll find a few things to keep in mind when implementing a cybersecurity strategy.
Prioritize “Quick Wins” when Tackling Cyberthreats
First, it’s important to identify the most threatening vulnerabilities and design a strategy that delivers a high ROI in addressing them. Penetration testing (a simulated attack on a system to evaluate its security) can help companies identify vulnerabilities before it’s too late, but unfortunately, many vulnerabilities aren’t identified until after they’ve already been exploited.
One of our current clients detected a breach in 2018 and quickly realized how exposed they were – due to a flat, open network, threats could easily spread throughout the network. Upon recognizing this, they moved quickly to secure the support and investment necessary to overhaul the network through a segmentation strategy that would prevent threats from spreading. We helped this client design, plan, and implement a phased approach to network segmentation, with “quick wins” purposefully built into the first phase. In particular, this meant prioritizing the deployment of next-generation firewall hardware to almost 30 of the largest sites in its network. By regulating traffic between these sites and the client’s data centers, these new firewalls dramatically reduced a threat’s ability to spread throughout the network. The lead engineer for this project once told me that 80-90% of the project’s overall value was derived from these new firewalls because they helped cordon off the largest sites from one another. More complex aspects of the network segmentation program were built into the later phases of the new strategy because they were more challenging and less rewarding than the deployment of these firewalls.