Worried about malicious attacks on your network? SIEM vendor SolarWinds has shared this informative infographic illustrating exactly how severe and widespread data breaches are in today’s corporate IT environments, as well as four simple steps that organizations can take to protect themselves from attack.
Mav Turner, Director of Product Strategy, Security, at SolarWinds and Solutions Review contributor, expanded on the four tips in an interview with federal technology insider, available below the break.
1. Keep your software up-to-date.
The reason attackers are able to exploit known vulnerabilities is because patching can be complicated and time-consuming. We recommend automating the process so that relevant patches are identified, deployed and validated before known vulnerabilities can be exploited.
Also, it is important to have configuration tools that integrate with vulnerability databases, so you can automatically check your network for newly identified vulnerabilities and alert your IT team, or automatically remediate your configurations to eliminate new threats.
2. Educate your users/employees that there could be something “phishy.”
Low security awareness among employees continues to be a leading inhibitor for agencies to defend themselves against cyber threats. Why are phishing attacks growing in frequency and sophistication? Because users are increasingly falling for these tricks and attackers are making a handsome profit selling the stolen data.
The themes of end user education and awareness are indeed a part of National Cyber Security Awareness Month 2015. Individuals need to recognize that they have a shared responsibility to “Stop.Think.Connect. ™”, and this awareness carries over to the workplace, as well.
3. Monitor and alert in real-time to avoid being a sitting duck.
It is disappointing that it takes over six months for the average organization to realize they were breached, especially since monitoring solutions can alert in real-time. I think the issue here is that monitoring systems produce so many alerts that they create alert fatigue. Agencies need to refine the alerts they receive so they can identify and respond to threats in real-time.
4. Foster teamwork and knowledge sharing.
Improved knowledge sharing is on the rise. I previously mentioned the National Vulnerability Database, which is a good example. And, hopefully, the increased sharing of threat intelligence will make it easier to know if the bad actors are targeting your networks or systems.
Looking for more tips on SIEM and information security? Check out the 2016 SIEM Buyer’s Guide:
Widget not in any sidebars
- Five Questions You Need To Ask Yourself When Evaluating SIEM Solutions - November 8, 2017
- Winning the Data Breach War with User and Entity Behavioral Analytics - November 3, 2017
- 5 Alternatives to The Gartner Magic Quadrant for SIEM - October 31, 2017