Security Market Segment LS
Thursday, 10 September 2015 17:44

'Discovery and hygiene' is the key to IT security


If you don't know what you've got and you don't attend to the routine chores, how can you expect to keep your IT environment secure?

Tenable Network Security's CEO Ron Gula says organisations should use five critical cyber controls to identify the most important tasks to keep their environments secure.

They are:

Tracking your authorised inventory of hardware and software.
Continuously removing vulnerabilities and misconfigurations.
Network security should be a daily habit to stem the tide of vulnerabilities.
Giving users access to only what they need.
Searching for malware and intruders.

For example, when it comes to patching "if you have to wait... it's too late," he told iTWire. But once a culture has grown up around patching, it can be hard to introduce changes such as allowing operating systems and applications to update themselves automatically, even though some organisations already do this as a matter of course.

Part of the broader security problem is that because of organisational silos, it sometimes happens that nobody is looking at the big picture, he said.

But the idea of having separate teams for different aspects including response, compliance and intrusion detection is going away, because modern tools - such as Tenable's - mean they are all looking at the same information.

And if you're not detecting any malware on your network, you're probably not looking hard enough, he suggested.

One of the mistakes Gula sees is not paying enough attention to discovery. If that part isn't done properly, how can an organisation be sure that BYOD, cloud services subscribed by departments or workgroups and all the other aspects of 'shadow IT' are in compliance with corporate policies?

Even though Tenable's products include this capability at no extra cost, not all of the company's customers make use of it, he said.

The security focus should be on discovery and hygiene, and "if people do that they'll have a lot less drama," said Gula.

Another recommendation is to consider how someone might attack the organisation, and then address those issues. If the object of an attack is to exfiltrate data, blocking as many outbound connections as possible will reduce that risk - the harder you make it for an attacker, the more likely their activities will be revealed by intrusion or malware detection systems.

He's also "a big fan" of cloud-based single-sign-on technologies. While Tenable is not involved in that area, he says it tremendously simplifies access control.

WEBINAR event: IT Alerting Best Practices 27 MAY 2PM AEST

LogicMonitor, the cloud-based IT infrastructure monitoring and intelligence platform, is hosting an online event at 2PM on May 27th aimed at educating IT administrators, managers and leaders about IT and network alerts.

This free webinar will share best practices for setting network alerts, negating alert fatigue, optimising an alerting strategy and proactive monitoring.

The event will start at 2pm AEST. Topics will include:

- Setting alert routing and thresholds

- Avoiding alert and email overload

- Learning from missed alerts

- Managing downtime effectively

The webinar will run for approximately one hour. Recordings will be made available to anyone who registers but cannot make the live event.



Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.



Recent Comments