No. 1: Securing your remote workforce
Focus on business requirements and understand how users and groups access data and applications. Now that a few months have passed since the initial remote push, it’s time for a needs assessment and review of what has changed to determine if access levels are correct and whether any security measures are actually impeding work.
No. 2: Risk-based vulnerability management
Don’t try to patch everything; focus on vulnerabilities that are actually exploitable. Go beyond a bulk assessment of threats and use threat intelligence, attacker activity and internal asset criticality to provide a better view of real organizational risk.
No. 3: Extended detection and response (XDR)
XDR is a unified security and incident response platform that collects and correlates data from multiple proprietary components. The platform-level integration occurs at the point of deployment rather than being added in later. This consolidates multiple security products into one and may help provide better overall security outcomes. Organizations should consider using this technology to simplify and streamline security.
No. 4: Cloud security posture management
Organizations need to ensure common controls across IaaS and PaaS, as well as support automated assessment and remediation. Cloud applications are extremely dynamic and need an automated DevSecOps style of security. It can be challenging to secure the public cloud without a means to ensure policy uniformity across cloud security approaches.
No. 5: Simplify cloud access controls
Cloud access controls are typically enforced through a cloud access security broker (CASB). CASBs offer real-time enforcement through an in-line proxy that can apply policy and actively block traffic. They also offer flexibility: for example, an organization can start out in monitoring mode to confirm that the traffic being seen is accurate and to understand how cloud services are actually being accessed before enforcing policy.
No. 6: DMARC
Organizations use email as a single source of verification, and users struggle to distinguish real messages from fakes. DMARC, or domain-based message authentication, reporting, and conformance, is an email authentication policy. DMARC is not a total solution for email security and should be one piece of a holistic security approach. However, it can offer an additional layer of trust and verification of the sender’s domain. DMARC can help against domain spoofing but will not address all email security issues.
No. 7: Passwordless authentication
While employees may not think twice about using the same password for their work computer as they do for their personal email, it can cause major security headaches. Passwordless authentication, which can be implemented in a few different ways, offers a better solution for security. The goal should be to increase trust and improve the user experience.
No. 8: Data classification and protection
Not all data is the same. A one-size-fits-all security approach will create areas of too much security and others of too little, increasing the risk for the organization. Start with policies and definitions to get the process right before beginning to layer in the security technologies.
No. 9: Workforce competencies assessment
Install the right people with the right skills in the right roles. It’s critical but challenging to combine hard technical skills with softer leadership expertise. There are no perfect candidates, but you can identify five or six must-have competencies for each project. Assess competencies in a range of ways, including cyber ranges, cyber simulations and softer skill assessments.
No. 10: Automating security risk assessments
Automated risk assessment is one way to help security teams understand risks related to security operations, new projects or program-level risk. Risk assessment tends to be either skipped entirely or done on a limited basis. Automating it allows for limited risk automation and gives visibility into where risk gaps exist.