Andrew Lawrence, Superloop’s Chief Security Officer discusses the real security dangers keeping his customers up at night, practical strategies for dealing with them (and getting a good night’s sleep!)
For those of us who recall the flailing armed silver robot from Lost in Space , instinctively looking out for his young charge, one might be forgiven for thinking the constant waving of the “malicious threat” flag feels somewhat similar.
And, like Will Robinson, you might be disinclined to take much notice.
If you’re a small to medium enterprise, though, that would be a mistake. While the dangers of malicious threats and “intruders” may seem overblown, the reality is - ignoring the basics of security management is far more likely to let you down.
While responsible companies have some kind of antivirus, anti-malware and filtering technology used daily, without a dedicated security team it’s hard to keep on top of the ever-evolving threat landscape and understand what’s going on
Whether you are a $1billion or $1million company, threats no longer differentiate. Small and medium enterprises are trying to defend against the same problem without the same resources that larger organisations have.
Although there has been significant advances in technology over the last 20 years, it’s the security basics where we see people still coming unstuck.
Here are the basic questions you should be asking?
- Do you patch systems in a timely manner?
- Do you proactively manage software such as rolling updates to application and systems?
- Do you track your assets (in particular mobile devices that are now more popular than ever) and roll out the appropriate updates?
- Do you know who has access to which systems and databases?
- Do you know what your critical data is, where it lives and what your organisation has to lose?
If you think you have covered the basics already? Make sure to look at the Australian Cyber Security Centre’s eight essential strategies to improve cyber resilience for a more in depth look at basic mitigation strategies.
There will always be people with malicious intent - it’s hard to defend against all possible attacks at once. However, it’s the non-advanced, persistent threats, which you can defend against easily if you have the basics covered.
Learn more about how Superloop's Security Services can defend your organisation from a unrelenting cyber-attacks here - https://www.superloop.com/business/services/security/.