The future is a distraction, risk lives in the present

Guest blog by Anthony D'Alton from Rant Events

New ventures and concepts are all well and good for the future of cybersecurity, but what about the present?

At the moment there is a lot of focus on what is on the horizon for cybersecurity, and why not, when it features head-turning concepts such as quantum cryptography, autonomous vehicles and machine learning. However, we are still not addressing today’s problems, such as system patching and having a rigorous password policy. If we do not cover the basics and learn from what has been done wrong, then we are in danger of trying to run before we can walk.

It is human nature to be drawn towards scary, complex issues. However, a lot of the answers to the problems we’re facing now lie in challenges we’ve faced in the past. Look at the recent issues surrounding SolarWinds. Supply chain attacks have been well addressed in the past, yet in that incident we saw how the impact of one small part of the chain rolled on to become a threat to a huge number of companies and Government organisations.

The basics of cybersecurity came into play here, as some disclosures showed that SolarWinds had been told that credentials for its software update server had been exposed in a public GitHub repository, where a researcher said files could be uploaded. This was because the password was stored in plaintext and was “a textbook example of a weak password that never should have been allowed.”

This was disclosed to SolarWinds in November, and a month later reports began to emerge of nation-state interference. Was this a case of a company running before it could walk? Potentially, but had this issue been taken on board and dealt with, it is hard to say whether the wider problem of the Orion hacking could have had such an impact.

Also consider visibility. Many security teams still do not know what technologies are active in their environment, which makes protecting and securing it a challenge. This comes almost three years after GDPR came into force, under which visibility of assets, traffic and environment is a very practical part of compliance. Again, this is a simple concept that could help greatly in the reduction of risk.

Securing the user is another perennial problem, notoriously hard to address effectively, but a crucial part of the baseline of risk reduction efforts.  More often than not, organisations may be as culpable as the target employee, failing to put in place the kind of education and training programmes crucial for reducing risk from social engineering attacks. It should be the main priority of the company to keep users safe, and all too often that “basic” task is not completed, with blame being extended to the unwitting employee.  This only serves to grow the gulf between the security team and the employee base.

The main factor is that in order to understand where we are going, we need to look back at the lessons learned. With knowledge of where the basics were done well, and data on what went awry in the event of an issue, we can better understand how to get the fundamentals right. As ever with effective security, resolving these issues is a combination of people, process and technology, which requires resources. Investing in such things can only be done effectively with this kind of visibility.

The rapid move to remote working last year has further embedded the importance of doing the basics well to reduce risk. When companies were caught off guard by the pandemic, they learned that simple security practices, such as robust authentication and password procedures, could address the majority of a suddenly yawning gap in risk. Initiatives such as rigorous password management, reliable MFA and education programs to address employee threats became a crucial part of the equation.

Now, as organisations face a future filled with connected technologies and entire businesses built on code, security needs to be more than an afterthought. If yesterday’s lessons are not taken on board today and put in place for tomorrow, attackers will continue to take advantage of simple gaps in our armour.  Doing the basics well can prevent this.

