1. Monitor the network
You can’t manually watch everything that travels across your network. However, you can automate this process by using network monitoring in addition to storing and reviewing system and network logs. Network monitoring solutions typically work by comparing traffic against thousands of signatures of known malicious activity. Albert is a network monitoring solution for US State, Local, Tribal, and Territorial (SLTT) government organizations such as public power and utility services. Albert provides low-cost, effective network monitoring for SLTTs across the country.
2. Know your data
You can’t defend what you don’t know you have. As cloud technologies and mobile devices become workplace staples, it’s essential to consider all information for which your organization is responsible. Start by taking an inventory of all hardware and software your organization uses. Next, map out where data lives – whether that’s on a hard drive, in an application, or in the cloud.
3. Create an actionable crisis management plan
In an emergency, every minute counts. That’s why a crisis management plan must be actionable in order to be effective. Make sure the plan identifies which parties in the organization need to take action in a specific crisis scenario. Each role should also have specific tasks assigned, so everyone knows what to do when a situation arises.
4. Make cybersecurity relatable to employees
People are much more likely to take action when they understand what to do and why it’s important. Educating your employees about protecting their PII (personally identifiable information) can go hand-in-hand with education that protects organizational data. Many of the same skills will be useful, such as:
- learning how to spot a phishing email
- ensuring applications are up-to-date
- knowing how to avoid potentially dangerous or vulnerable websites
5. Account for risk and burden in your controls
Many organizations rely on a combination of best practices and security guidelines to harden their systems and data. No matter how you set organizational controls, your method should account for risk and burden. We developed CIS RAM (Center for Internet Security Risk Assessment Method) to help organizations accomplish this. CIS RAM helps to implement the CIS Controls best practices in a risk-informed way with instructions, templates, and more.
6. Tools need a process and a process needs an audit
Power and utility organizations often need custom scripts and other software to accomplish their goals. When developing tools, look at the processes behind them. Consider implementing DevOps – taking into account security from the start. DevOps brings together software development and IT teams to help build and test applications together. DevOps processes should be audited and reviewed to ensure they are both collaborative and efficient.
7. Vulnerabilities are only the fruit - find the root of the problem
New software vulnerabilities are being discovered every day and will continue to be exploited by cybercriminals in 2019. Rather than chasing the latest threat, focus on implementing basic cyber hygiene and security best practices. Many data breaches are caused by known configuration flaws and security gaps. Implementing consensus-developed configuration standards like the CIS Benchmarks™ can go a long way towards improving your overall security posture.
8. Make third-party risks tangible
Between different applications, cloud providers, and “as-a-Service” offerings being used by organizations worldwide, it’s important to take into account third-party risks. Identify which data and software reside with each third-party provider and delineate who is responsible for which security tasks. Then, communicate with your providers to develop a “shared security responsibility” model. This will give you greater peace of mind and a clearer picture of your third-party security risks.
9. Make 2019 about governance
UDP port 2019 is known as “about” – but what’s 2019 about? For security professionals, governance will be key. We must have the determination and drive to implement security controls throughout our organizations. These controls should help determine how data is managed, how to deploy security best practices, and how to respond to various cyber threats.
A shared responsibility
There’s room to grow for everyone, whether that means better employee training, implementing network monitoring, or stronger risk management. Security experts take on massive responsibilities to protect data and systems, but we’re not alone. By working with IT, software development, and indeed the entire organization to implement best practices, we can all resolve to be more secure in the coming year.