Reality has a way of asserting itself, irrespective of any personal or commercial choices we make, good or bad. For example, just recently, the city services of Antwerp in Belgium were the victim of a highly disruptive cyberattack.
As usual, everyone cried “foul play” and suggested that proper cybersecurity measures should have been in place. And again, as usual, it all happens a bit too late. There was nothing special or unique about the attack, and it wasn’t the last of its kind either.
So why are we, in IT, still happily whistling into the wind and moving along as if nothing happened? Is everyone’s disaster recovery plan really that good? Are all the security measures in place – and tested?
Let’s Do a Quick Recap (of What You Should Be Doing)
First, cover the basics. Perform proper user training that includes all of the usual topics: password hygiene, restrictions on account sharing, and clear instructions not to open untrusted emails or visit untrustworthy websites. It’s an inconvenient fact that human actions continue to be the weakest link in cyber defence, but it’s a fact.
On the infrastructure side, start with proper asset auditing, because you can’t protect what you don’t know exists. As a next step, implement network segmentation to separate all traffic into the smallest possible segments.