If you’ve been paying attention to the news, you’ve no doubt heard about the vault 7 CIA leak, the NSA leak of the equation group tools and the NSA reporting on Grizzly Steppe (the Russian Malicious Cyber Report.) Kanata North company Signiant recently reported on these hacks in their blog post titled, How Safe Is Your Content?
All of these releases have shown the extent and reach of state-sponsored hacking groups. They also show that a common purpose exists: the aim to exploit systems that are in use by the general population.
The attack surface of hackers is much too large to cover every possibility of exposure – it is much more useful to look for metrics and indicators that let a company know that an event has occurred and provide actions to mitigate further damage. For companies who work in this space in Kanata North, they know how important it is to provide information to their clients to keep them protected.
For example, if insider threat is a concern, monitoring how data flows across the system and understanding what is normal and what is not will indicate a threat regardless of the sophistication of the tool. This type of approach could allow the detection of things like Cloudbleed, which Fuelled Networks recently blogged about, much sooner.
If a system is corrupted with ransomware, having an off-site near real time backup removes the leverage these hackers have on the company. The data can remain safe away from the company network while the attack vector is discovered and patched.
Critical security controls are well defined for computing systems and having a strategy on how to address each one is at the core of vulnerability management. Herjavec Group, located in Kanata North, recently published a blog post called Cybersecurity Conversations for the C-Suite in 2017. It’s a fantastic primer on the questions you need to be asking yourself about cybersecurity in 2017.
On March 28th, Kanata North’s Iceberg Networks will be hosting a Vulnerability Management virtual lunch and learn, which we highly recommend you attend. You’ll find details on the event as well as registration details here.
Schneider Electric, another Kanata North-based company, has recently published a blog post on Cybersecurity Risk Management and how it affects your supply chain. We also recommend giving that a read if your company could benefit from improving its online security.
As you can see, vulnerability management and cybersecurity is critical for companies to pay attention to in 2017 (and beyond.) We’re excited to see how our local Kanata North companies are stepping up to make this a priority and we’d love to hear more about how businesses can protect themselves against these types of attacks. Leave your advice, tips or links to helpful articles in the comments or connect in our Facebook Group or over on Reddit.