5 Priorities for a Modern IT Security Team

IT Security

As part of Solutions Review’s Premium Content Series—a collection of contributed columns written by industry experts in maturing software categories— Christopher Prewitt of Inversion6 takes us through the five pillars every IT security team should have to hold up their castle in the cloud.

SR - Premium ContentLike a medieval castle, protecting our IT assets used to be about digging deeper and wider moats to keep away invaders. Today, there is no castle. Our people and information are as scattered as the attackers attempting to exploit them– and like an old moat with nothing to guard, traditional methods of protection are largely obsolete against modern forms of attack.

Over the last 12 years, we have seen an explosion of new security solutions springing up to combat these new types of threats. Some estimates have shown an increase from 100 solution providers to more than 23,000 globally from 2010-2022. Today, we have an acronym soup of security solutions—EDR, DLP, CASB, SSL, IPS, ATP, SIEM, ZTNA, CSPM, CWPP, ML, SWG—and yet, attackers continue to launch faster, larger, and more successful strikes. Why?

In the modern workplace, our data and systems are free to move and travel. We share and collaborate not only with our co-workers but with our partners, suppliers, and customers. Modern businesses can’t manufacture, transact, invoice, or collect cash without partners. Our businesses are part of a massive intertwined web of data, a web that has increasingly expanded into our personal lives as well. This new reality makes “securing data” in the traditional sense a nearly impossible task.

And yet, some things do not change. A successful IT security strategy still begins with a solid assessment of your operating environment and your risks, so you can properly align your IT investments. Businesses come in all shapes and sizes, but most share the same modern risks.

With that in mind, here are a few areas to prioritize in your IT security strategy.

  • Solid Security Awareness Good security awareness across all levels of any organization is critical in protecting data and preventing threats. Unfortunately, IT professionals aren’t always the best communicators. Short, engaging content free of acronyms and “IT speak” will help your organization create a culture of personal responsibility. Setting this baseline of understanding will make the technical aspects of IT security easier and more effective.
  • Strong Endpoint Detection Attackers gaining access to a corporate laptop is most often how serious security incidents begin. In fact, research has shown more than 80 percent of successful breaches begin by compromising a device being used outside a corporate firewall or other network security devices. Traditional antivirus protection products have been dead for many years, but most users still remain a mere click away from being compromised. This makes a strong endpoint product one of the most critical security investments you can make.
  • Powerful Phishing Prevention Innovations in anti-phishing and email compromise prevention include new APIs that can leverage the power of AI to detect threats using historical data. Meanwhile, an improved analysis tool can help identify compromised emails from suppliers and partners’ businesses as well as “internal to internal” threats.
  • Improved Security Credentials With no walls or defined network perimeters, usernames and passwords have become our primary line of defense against attack. Unfortunately, most are easily guessed or heavily re-used. Multi-factor authentication (MFA) attempts to shore up these vulnerabilities, but MFA bypasses are all the rage with attackers in 2022. Given this reality, more robust tools such as conditional access, zero trust models, and detective controls with automated responses are worth serious consideration.
  • Investment in Mobile Protection Many organizations are using rugged Android mobile devices for field service, distribution, and logistics. Of course, attackers have taken notice and begun searching for ways to exploit these devices. Traditional Mobile Device Management solutions rely on “secure configurations” to lock or wipe devices if they are attacked, but they are unable to identify specific security threats on a device. Some new solutions are now entering the market with promises of more sophisticated controls. This is a fast-growing area of risk management, and it’s worth keeping a close eye on these developments.

We may not have castles to protect anymore, but a good enterprise mobility strategy is still about making a thoughtful plan to mitigate risk. By aligning resources to combat common attacks, moving from preventive to detective controls, and investing in a culture of security, you can build a thriving IT security infrastructure— one that will continue to work for you, not against you, as your business grows.

Christopher Prewitt
Follow Chris
Latest posts by Christopher Prewitt (see all)