According to the 2013 Trustwave Global Security Report, most of the top vulnerabilities and threats were found to negatively impact multi-national corporations, merchants and government entities throughout 2012. To improve security posture, Trustwave, a provider of compliance, Web, application, network and data security solutions delivered through the cloud, managed security services, software and appliances recommends six focus areas for organizations in 2013 as below:
- Educate employees. Employees are the first line of defence against attackers. Organizations should conduct security awareness training on a regular basis for all existing and new employees.
- Identify Users. Every user-initiated action should be tagged to a specific person, whether in a physical or digital environment. Every year, a significant number of data breaches occur as the result of an attacker obtaining access to a user’s account.
- Register Assets. With the increase of bring-your-own-device (BYOD), it is more important than ever to have a complete inventory or registry of valid devices. A device should never be allowed access to a controlled environment unless it’s registered and known. In addition, the patch levels and vulnerabilities should be assessed on a regular basis not only to work to improve the security of those in the environment but also to understand what risks exist when issues can’t be resolved in the short term.
- Protect Data. Attacks are more sophisticated than ever, and keeping cybercriminals out requires a multi-faceted approach. Businesses should implement a “more than technology” approach to security that includes team training and education, secure code review, and periodic penetration and vulnerability testing for e-commerce Web applications, as well as a data lifecycle methodology that governs data from creation to destruction. They should also create resiliency in systems by layering proven technologies such as a powerful secure Web gateway and a Web application firewall that can be deployed to improve protection and performance of business-critical applications, with virtual patching capabilities that combat threats in real-time.
- Unify Activity Logs. Most businesses today treat physical and information security controls separately. Badge systems, HR records, and even loss prevention are not typically tied to the same team that monitors firewalls, intrusion detection and other security technology. Businesses should employ technology like security information and event management (SIEM) to take over the processing of these logs.
- Visualize Events. The ultimate goal for organizations should be to develop an environment in which security threats are discovered innately-by both responsible security professionals and others in the organization. Security event visualization allows businesses to identify patterns, emerging vulnerabilities and attacks, and respond quickly and decisively across the organization when an attack does occur. Using the right data sources, advanced SIEM analytics, and data modeling, security event visualization prepares businesses to effectively mitigate current and future threats.
The organizations should learn from other people’s experiences together with the above suggestions to build stronger and more responsive security programs that protect their businesses and stakeholders.