Tuesday, March 21, 2017

Cybersecurity & Strategic Planning

Senior leadership in InfoSec functions needs to perform annual strategic planning covering budgets, staffing plans, project planning, etc. However, this activity should not take a considerable amount of time. Suggested timelines include one hundred and fifty (150) hours of aggregate effort.

If strategic planning requires more time than that, one observation has been that a re-org / redesign may be required. Such changes should focus on clarity with respect to roles & responsibilities, reporting structures, procurement / solution requirements, operational work streams, P&L, and vendor management. Furthermore, strategic planning activities should include both grassroots and top-down involvement.

Sunday, March 19, 2017

Digital Signatures Are Worthless Without Compensating Controls

Many orgs leverage crypto to verify software / firmware / patches / updates; however, many do not apply integrity safeguards to the versioning of those platforms.

Checksums and other compensating controls should be used to ensure the integrity and stability of the platform in question. Such methods would block rogue installations of software / firmware that a signature check alone would accept.
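An added example, not code from the original post, of the compensating controls described above: a package whose signature verifies is still refused when its version is at or below the installed one (rollback) or when its checksum is absent from the vendor's published release manifest. HMAC stands in for the asymmetric signature so the script runs with only the standard library; the key, packages and manifest are constructed for the demo.

```python
import hashlib
import hmac
import json

# Constructed demo key. A real update would carry an asymmetric signature
# (RSA / Ed25519); HMAC stands in here so the example needs only the stdlib.
SIGNING_KEY = b"constructed-demo-signing-key"

def sign(payload: bytes) -> str:
    return hmac.new(SIGNING_KEY, payload, hashlib.sha256).hexdigest()

def build_package(version: int, notes: str) -> dict:
    """Assemble a constructed update package: JSON metadata plus its signature."""
    payload = json.dumps({"version": version, "notes": notes}).encode()
    return {"payload": payload, "signature": sign(payload)}

def verify_update(package: dict, installed_version: int, manifest: dict) -> tuple:
    """Signature check followed by the compensating controls the post calls for:
    refuse any version at or below the installed one (anti-rollback) and require
    the payload checksum to appear in the vendor's published release manifest."""
    payload = package["payload"]
    if not hmac.compare_digest(sign(payload), package["signature"]):
        return False, "bad signature"
    version = json.loads(payload)["version"]
    if version <= installed_version:
        return False, f"rollback refused: v{version} <= installed v{installed_version}"
    digest = hashlib.sha256(payload).hexdigest()
    if not hmac.compare_digest(manifest.get(str(version), ""), digest):
        return False, "checksum not in release manifest"
    return True, f"install v{version}"

# Constructed release history: the vendor shipped v1..v3 and publishes the
# SHA-256 of each release payload as its manifest.
RELEASES = {v: build_package(v, f"release {v}") for v in (1, 2, 3)}
MANIFEST = {str(v): hashlib.sha256(p["payload"]).hexdigest() for v, p in RELEASES.items()}

def demo(installed_version: int = 2) -> dict:
    """Outcomes for a host on v2: a genuine upgrade, a validly signed but older
    build, a signed build that was never published, and a modified payload."""
    tampered = dict(RELEASES[3], payload=RELEASES[3]["payload"] + b" ")
    return {
        "upgrade_v3": verify_update(RELEASES[3], installed_version, MANIFEST),
        "rollback_v1": verify_update(RELEASES[1], installed_version, MANIFEST),
        "unpublished_v9": verify_update(build_package(9, "never shipped"), installed_version, MANIFEST),
        "tampered_v3": verify_update(tampered, installed_version, MANIFEST),
    }

if __name__ == "__main__":
    for case, (ok, reason) in demo().items():
        print(f"{case}: {'ACCEPT' if ok else 'REJECT'} ({reason})")
```

Only the first case is accepted; the old v1 build is rejected even though its signature is genuine, which is exactly the gap a signature check alone leaves open.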

Monday, March 6, 2017

Ransomware Response: A Service Continuity Challenge

While many security solutions (e.g., CASB, ATP, MTD, DMARC/SPF, EDR) look to catch malware / ransomware threats before they are experienced, isn't the response to a ransomware incident a service continuity challenge?

With proper RPO terms, as well as tested BCP/DR procedures, ransomware response should be relatively painless. The real concern is your ecosystem, as many third parties won't have the same governance regarding BCP/DR as a large enterprise.