Tuesday, July 16, 2019

The IT Toolbox #005 - Thoughts on Cybersecurity



Define a set of cybersecurity rules.

Define an architecture (be it physical, platform and/or application).

Make sure the aforementioned rules can be applied.  (It doesn't matter if they are perfect, NONE are.)

Fix the rules or what the rules break.

For the love of all that is holy, PATCH in a reasonable amount of time.  (If you use a service provider, make it a contractual obligation and/or a Key Performance Indicator (KPI).)

Make sure there is a mechanism to verify the patches are in place.

Make sure there is a mechanism to verify firewall (FW) rules are CORRECT.

Segment ALL applications.  Microsegment all unique elements of all applications.  Use SSL.

PATCH everything in a reasonable amount of time (yes, it's a repeat, but many don't hear it the first time).

Be prepared to burn down ANY exposure.  Have a plan in place in the event this must happen.

Have a reporting and notification plan in place.

When an exposure is identified (and it will be), make sure you use the reporting and notification plan.

If you EVER have to break ANY of the self-imposed Cybersecurity rules, segregate and enclave to limit exposure.
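As an added illustration of the "verify FW rules are CORRECT" and segmentation points above (example code written for this post, not from the original), the checker below evaluates a first-match firewall ruleset against the flows a segmentation design says must be allowed or denied. The three-tier addresses, rules and expected flows are constructed for the example; first-match with implicit default deny is an assumption about the firewall's semantics.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source CIDR
    dst: str               # destination CIDR
    port: Optional[int]    # TCP port, None means any port

def matching_rule(rules, src_ip, dst_ip, port):
    """Return (index, rule) of the first rule matching the flow, or (None, None)
    when nothing matches and the implicit default deny applies."""
    s, d = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for i, r in enumerate(rules):
        if (s in ipaddress.ip_network(r.src) and d in ipaddress.ip_network(r.dst)
                and (r.port is None or r.port == port)):
            return i, r
    return None, None

def verify(rules, expectations):
    """expectations: (src_ip, dst_ip, port, expected_action) tuples taken from the
    segmentation design. Returns one (flow, expected, actual, rule_index) per mismatch."""
    mismatches = []
    for src_ip, dst_ip, port, expected in expectations:
        idx, rule = matching_rule(rules, src_ip, dst_ip, port)
        actual = rule.action if rule else "deny"
        if actual != expected:
            mismatches.append(((src_ip, dst_ip, port), expected, actual, idx))
    return mismatches

# Constructed three-tier layout: web 10.0.1.0/24, app 10.0.2.0/24, db 10.0.3.0/24
RULES = [
    Rule("allow", "10.0.1.0/24", "10.0.2.0/24", 8443),   # web -> app
    Rule("allow", "10.0.2.0/24", "10.0.3.0/24", 5432),   # app -> db
    Rule("allow", "10.0.0.0/16", "10.0.3.0/24", 5432),   # too broad: the whole /16 reaches db
    Rule("deny", "0.0.0.0/0", "0.0.0.0/0", None),        # explicit default deny
]

# What the segmentation design says must hold (constructed expectations)
EXPECTED = [
    ("10.0.1.10", "10.0.2.10", 8443, "allow"),
    ("10.0.2.10", "10.0.3.10", 5432, "allow"),
    ("10.0.1.10", "10.0.3.10", 5432, "deny"),   # web must never reach db directly
    ("10.0.2.10", "10.0.1.10", 8443, "deny"),   # no app -> web traffic
]

if __name__ == "__main__":
    for flow, exp, act, idx in verify(RULES, EXPECTED):
        print(f"{flow}: expected {exp}, got {act} from rule #{idx}")
```

Running it flags the over-broad third rule, which is the kind of drift a periodic check like this exists to catch.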


