Each month, we try to put together an article to better inform and engage our user community on current and important cybersecurity considerations. In the second half of 2020, we at SyCom have been swamped with customers who either (A) are concerned about how to make themselves more secure in preparation against threat actors or (B) have been a victim of a cyber attack and need help. Both are real and present conditions that require rather immediate attention.
One of the things that I have discovered in the many, many talks that I have with our customers is that the words we use are very important. Cybersecurity personnel (and technical personnel in general) have a language all their own. Without realizing it, we can easily alienate or disengage important people when we dive into discussions that use words and acronyms that are foreign to them. If we are to provide real value in these important conversations, we must speak the same language.
Some of the most important non-technical terms to consider when speaking about cybersecurity are risks, threats, and vulnerabilities. I see these terms used interchangeably in day-to-day language, but each has a real and specific meaning. Let’s discuss these in reverse order, starting with vulnerabilities this month.
A vulnerability is a flaw or weakness which can be exploited. In our information technology platforms, these are often software flaws which are repaired by deploying a “patch”, which is really an updated version of software that closes the vulnerability. Many of the data breaches and compromises that we must deal with come down to poor vulnerability management. In other words, organizations are not applying patches to vulnerable systems fast enough to keep bad guys from exploiting the flaws.
We can also make our systems more vulnerable through actions (or inactions) on our part. One of the key methods for threat actors to gain access to systems is to use stolen credentials. This means that they can use account IDs and passwords that they harvest to log in and access information that they should not rightly have access to. We can aid them in this process if we practice poor credential management (also technically called Logical Access Control).
This can take many forms, but an important one to consider is keeping up with IDs and passwords. We all have multiple sets of credentials to access different systems (or we should – please do NOT use the same credentials to access multiple systems). How do we keep track of these? Hackers love it when we store these in a notepad or Word document on our machine. This presents a vulnerability, not to our machine, but to all the systems that are now available for the hacker to access once they are able to take those credentials for future use. Credential theft is a real and very present danger. Make sure to remove this vulnerability from your environment by using a secure method to store and access credentials.
- Make sure to keep your systems up to date with the latest security updates.
- Make sure you keep offline copies of your most important information.
- Make sure to make yourself and your systems less vulnerable!
Good luck and be safe,
Allen Jenkins, CISO