Highlights from the Security Controls Bootcamp Webinar Series
You know that 5:30 a.m. “Booty Buster Boot Camp”—the one that forces you to wake up at a disgusting hour just to have a coach shout in your face as you struggle through endless squat sets, only to leave you wincing every time you sit down for the rest of the day? And then you tell your friends how great it was, and how fit you are, and you commit to going every day, even though deep down you know you’ll never go again. Oh wait, that’s just me?
Ok, so maybe I’m not a boot camp person. Say what you want about my willpower, but you know what I can commit to? Sitting in front of a computer screen for four hours. Now that’s the kind of boot camp I’m interested in.
As part of our National Cybersecurity Awareness Month efforts here at Ivanti, we hosted the Security Controls Boot Camp webinar series. It included four live webinars, held weekly throughout October. These thought-leadership webinars covered a variety of IT security topics focused on helping you manage your security strategy and build a stronger defense.
Don’t worry if you missed the webinars. You can view the recordings on-demand and read the summaries below. (No squats required.)
Why do security programs fail? How does a company that passed a recent audit suffer a breach? Is there a silver bullet out there for securing your environment?
It seems there are more questions than answers in cybersecurity today, so in this session, we provided some much needed answers. Our presenters David Murray and Jason Everson discussed ways to focus your security strategy to reduce the volume of security incidents and give your team back time to focus on business initiatives.
So, what does the “fog of more” refer to? According to David in the webinar, “most cyber-attacks are not particularly sophisticated. In fact, attacks often rely on simply misconfigured or outdated systems. The result of the 'fog of more' is confusion, misunderstanding, and ultimately, mistakes. Security and compliance professionals end up being so overwhelmed that they don’t have the time to investigate security events or to follow-up on insecure end-user processes, or even report up to upper management. One missed issue amidst all of this noise, one configuration that’s accidentally reset, or one misunderstood security event, and all of an organization’s investment in security could be in vain.”
To find out more about cutting through the “fog of more” using the CIS Controls, check out the webinar recording here.
Is it possible to remove admin rights without losing user productivity? Admin accounts are the “keys to the kingdom.” Attackers use them for full access to information and systems. We all know that a least-privilege approach is a security best practice, but removing admin rights can result in disgruntled users and lost productivity. In this webinar, our presenters David Murray and Jason Everson showed attendees how they can get the balance right between security and productivity.
“Privileged Management can function in two different ways. Either users are given standard accounts and any privileges they’re required to do their job is given to them just for the things they need to do. This is a least-privilege approach, which is an industry best practice. In the other option, users retain their existing admin accounts and privileges that they don’t need are restricted. This is typically quicker to implement than the previous option and will offer much better protection than doing nothing. This could also be used as a stepping stone to adopting your least-privilege methodology. Employing one of these approaches will reduce the risk,” Jason Everson explained during the webinar.
To learn more about the battle between IT and the end-user, plus view a helpful demo to see exactly how you can implement privilege management, view the on-demand webinar here.
Industry analysts are increasingly turning to application control as a key component in protecting endpoints against targeted attacks and advanced persistent threats. But many companies have tried and failed to implement effective whitelisting. Discovery can be an exhaustive process. Once implemented, there is a constant need to maintain and update the whitelist, and some solutions also take a heavy performance toll on the system. In this session, our presenter David Murray discussed how to implement application control in a real-world environment without all of the drama.
David started the webinar with a great analogy on antivirus vs. application whitelisting. “Antivirus is like that bouncer who watches everybody going into the nightclub and is trying to spot bad behavior. They’re going to catch some, but others probably had a few too many drinks. They manage to slip by, and inevitably they cause some problem inside the club. That’s kind of your antivirus approach, trying to catch bad behavior. Application whitelisting is more like the doorman on the door of an exclusive club that’s got a guest list. And it’s a very simple approach. If you’re not on the list, you don’t get in. The problem, of course, is there’s still a list that has to be checked and maintained.”
For a demo of application control in a real-world environment, you can watch the webinar recording here.
We know that patching is still an issue and a burden. Well, we want to take that burden off your hands. In this webinar, presenters Sara Otremba, Helen Brown, and David Murray gave attendees a firsthand look at Ivanti Security Controls’ patching capabilities. From its initial debut with Windows patching, we’ve expanded into the Linux realm. Watch this webinar to see how you can patch not only Windows but Redhat Linux and CentOS from a single interface. We also gave details on the latest about our CVE-to-Patch import capability that helps IT and security work together to reduce the time to patch.
“What are the things that cause delays and prevent organizations from patching in under two weeks? First of all is identification and prioritization. The challenge here is often in the handoff between the security team and the IT operations team. The security team have the tools to identify vulnerabilities and maybe even prioritize them, but then the IT operations team has to take that report, research those CVEs, duplicate them and identify the associated patches that have to be applied. They can spend hours if not days working through this every month or every couple of weeks. So before we roll out patches, organiations will typically have test environments, where they do the testing of patches before rolling them out across their organization. So how many tests machines do you need to test the updates and be assured that you’re not going to have issues rolling out patches in production? The bottom line is testing introduces some delays along the way – reliability versus risk. So all of these issues create challenges, introduce delays to the patching process for our already busy administrators. Ivanti Security Controls can help with this,” David Murray explains in the webinar.
Learn the solution to the issues described by David by watching the webinar recording here.