In our previous blog, we defined CyberSecurity Architecture and addressed blocking and tackling from our September 24, 2018 Athens Group Services Newsletter. That newsletter discussed our afternoon panel at the September 2018 Advanced Rig Technology Conference & Exhibition in Austin, Texas. Our panel presentation was titled: “It’s NOT Rocket Science. It’s Blocking and Tackling.” Although the title is a football reference, it was meant to drive home the simple fact that cybersecurity’s foundation in any organization depends on how well the basics are executed. Blocking refers to instituting the mitigation processes discussed in the newsletter. Tackling means getting out in front of the threats by implementing a CyberSecurity Architecture. So, what can you do?
Blocking versus Tackling
Blocking | Tackling |
---|---|
Virtual Private Network (VPN) | User Training |
Firewall | Management of Change |
Demilitarized Zone (DMZ) | Patching |
Strong Passwords | |
Personal Device Policy | |
Tested backup and restore | |
Website and Email white listing | |
Here’s what you need to do for Blocking:
- First, define your current as-is network, identifying all hardware, software and vendor applications.
- Map all users to the applications to which they have access.
- Define what you want for your CyberSecurity Architecture. Include these three processes:
- Evaluate, using a CyberSecurity Architecture Risk Assessment, the value of vital operational assets, the likelihood of occurrence, and the effects of the risk on your operations.
- Define your optimum CyberSecurity Architecture and Design, ensuring the mitigation of operational risk exposure.
- Implement CyberSecurity services and processes. Ensure services are designed to your security policy and standards, cybersecurity architecture decisions, and risk management.
- Operate and monitor day-to-day processes, such as threat and vulnerability management and threat management. Here, measures are taken to supervise and handle the operational state in addition to the depth and breadth of the system's security.
- Ensure that the current network hardware and software support your designed Firewall, VPN and DMZ. If they do not, buy new hardware and software.
In parallel with your Blocking efforts, Tackling will address the following vulnerabilities:
Tackling | Vulnerability Addressed |
---|---|
User Training | Phishing; Employee installed applications |
Management of Change | Employee installed applications; Inadequate firewalls |
Patching | Unpatched hardware and software; Inadequate firewalls |
Strong Passwords | Weak passwords |
Personal Device Policy | Personal devices infected outside of work; Employee installed applications |
Tested backup and restore | Poor to no Backup and Restore |
Website and Email white listing | Surfing compromised websites |
The above Blocking and Tackling will keep the attackers out of your red zone!
What can you do about it?
Read the blog entries on our website – www.athensgroupservices.com, join our LinkedIn Group, and subscribe to our newsletter.