What to Do Before All Hell Breaks Loose — the Security Blog Post
Or, as I call it, “The One Where I Liken My Brand of Business Travel to Cybersecurity.”
No, really. Bear with me. It will all become clear.
Let’s just dive in, shall we?
When I go on a business trip, I have this plan that everything will go smoothly. I’ll pack 24 hours beforehand, sail through the airport, get on the plane early with my one, small bag, and arrive unwrinkled, unharried, and smiling at the meeting or event I’m going to. The consummate Ivanti employee.
Your IT team has plans too. They’re going to spend less time keeping the lights on and more time partnering with the business to forward business initiatives: increase revenue, create new revenue streams, differentiate the business…. And IT operations will run like a well-oiled machine, affording them the time they need to accomplish these goals without incident.
What actually happens.
For me? Well, I pack 30 minutes before I need to leave for the airport. That means I throw everything and the kitchen sink into my suitcase. Inevitably, I add a bag or two to accommodate my “more-is-better” approach (because calling it that makes it true, right?)—which also adds time and expense to my trip. Then I slog through the airport with my carry-on suitcase that hasn’t rolled properly in years, barely making it to the plane on time, and knowing with pit-of-my-stomach dread that all of this will happen in reverse at my destination. I’ll be lucky to make it to the scheduled event on time.
Oh, and inevitably I’ve forgotten something I really needed to bring with me—like my mind.
Well, OK, more like my hairbrush. And, OK, maybe I exaggerated a bit in that scenario in general. But, without question, there’s a better way for me to get the job done, and a way for me to maximize my time before departure doing the things that really matter: brewing my morning coffee, downloading the right Netflix shows for the plane, actually brushing my hair… and, OK, maybe going over the speech I’m planning to deliver.
Where am I going with this?
Let me bring it back to IT.
What happens if an organization has so much security device sprawl in the IT environment—so many solutions purchased at one event or another, because the FUD is real and all-consuming and there’s always a shiny, new thing out there—that the IT team is spending a world of time configuring these and maintaining and managing them? That’s taking their time and focus away from deploying the business’s new AI chatbot for better customer service or the latest efficiency tools to increase productivity. It’s also increasing costs. And IT’s not focusing on what’s really important from a security perspective either—what’s actually designed to combat today’s real-world cyber threats.
And the Security team? They’re getting alerts in from all these different solutions that they can’t possibly respond to. They can’t find the signal in the noise to determine what they should focus on, and they don’t have the staff to investigate everything, so they very often ignore the alerts altogether. In fact, according to the Cisco 2017 Annual Cybersecurity Report, nearly half of alerts go uninvestigated.
So, where do we go from here?
Let’s start with the airport. What if I had done better planning before the trip? I’d looked at the weather, figured out which events I’d be attending, and pulled together the minimum outfits necessary to dot the i’s and cross the t’s. And what if I had one solid, trustworthy suitcase to get me from here to there? What if I concentrated on getting the basics right? There would be no added time or costs, and I’d be far more likely to get where I’m going on time and meet my objective with one reliable suitcase carrying all the essentials.
Gartner Security & Risk Management Summit: June 4–7, 2018 in National Harbor, MD
Ivanti will be at booth 201
The same goes for a solid approach to cybersecurity. At Gartner Security & Risk Management Summit, I invite you all to visit Ivanti booth 201 to take stock of the cybersecurity forecast. Let’s talk today’s hackers and cyber attacks.
- What are you really trying to protect yourself against?
- What attack methods, tools, and entry points are being used?
- And what does this tell you about your organization’s soft underbelly?
By examining modern cyber criminals and their weapons of choice, you can develop solid strategies to combat them. In other words? Out with the magpie approach to security and resulting device sprawl that isn’t getting the job done. In with a successful security strategy built on a few proven, foundational security solutions:
- Inventory and control of hardware and software assets
- Continuous vulnerability assessment and patch management
- Controlled use of administrative privileges
- Secure configuration for hardware and software assets
These are the tools that help IT speak fluent security—our theme for the booth at Gartner this year—and partner effectively with the Security team. Together, these two teams can defeat most cyber threats before they impact the business and respond swiftly to those that do inevitably get through.
We hope to see you at the Gartner event! And if you’d like to know more before it commences, check out our white paper here.