One Article Review

Source AlienVault Blog
Identifier 2701309
Publication date 2021-04-27 10:00:00 (seen: 2021-04-27 11:05:37)
Title Priority on people - An argument against the excessive use of Cybersecurity technology
Text

Introduction

Despite what many advertisements and salespeople would like you to think, you don’t need to (and in many cases shouldn’t) spend a fortune on security tools to achieve a robust cybersecurity program. Some tools are essential, such as a ticketing tool or Security Information and Event Management (SIEM) system, but the best security programs are built off the employees that run the business. Without their support and understanding, even the most secure system or software suite could be brought tumbling down with little effort.

Every member of an organization with access to computers or data is a potential source of compromise and a potential source of system failure. Almost every component, system, or workflow, down to the fundamental building blocks of society, relies on the fair and accurate participation of those involved in it. Accordingly, any deviance, whether intentional or not, from this set state can cause significant issues to arise.

It is vital that the security team realize that the purpose of security is, foremost, to promote the ability of the business to do business. Excessively complex or costly security measures that do not serve the needs of the organization or support it in its mission are worse than no security at all.

Staff over software

One of the first categories of people to focus on is your security (or IT) staff. Some technology requires specific skills, knowledge, or time, any one of which your team may lack. Without first considering the available resources needed to implement, use, or even maintain any given software solution, you would be missing a critical component in the evaluation process. Any software or tool is only as good as the person using it, regardless of how expensive or cutting edge it may be. Each piece of software implemented, outside of the standard ‘install and forget’ type, requires planning, reviews, training, and maintenance to be effective. Given the state of most IT and Cybersecurity teams, there are likely not enough hours to go around to properly execute the necessary tasks needed to meet the above requirements. Implementation and maintenance requirements will vary based on the type of software, but they will always be present and should be factored into the overall cost of the solution being considered.

The second category is, of course, the employees of the organization. Not all tools will reside solely in the domain of the IT or Security teams; some may be rolled out to broad swathes of the organization. As anyone who works in cybersecurity knows, we walk a careful line between security and functionality. The software we pick, therefore, must be secure enough without being overly complex or burdensome. Any solution must be ‘right-sized’ to the institution, both in cost and effectiveness, but also in adoptability. If staff refuse to, or are unable to, use the new tool, it serves very little purpose in the overall mission of security.

Instead of prioritizing software, it is recommended to focus first on user training on key security issues and on the acceptable use of technology. Part of this training should include active testing such as phishing campaigns or other social engineering endeavors. Focusing on employee training has been seen to lead to a far higher return security-wise when compared to equivalent software solutions.

When to use software

To be clear, it is not being argued that organizations shouldn’t use any software. In order to have a fully mature and functional security program, there are several critical components that any organization should adopt. Specific requirements will vary per organization, industry, and regulatory requirements, but a general list of ‘must-haves’ is:

- SIEM software
- End-point protection software
- Vulnerability scanning software
- Mobile Device Management (MDM) software (as needed)
- Backup software
- Encryption te
Sent Yes
Tags Tool Guideline


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from an earlier one.