In part one of our series, we discussed Artificial Intelligence, Machine Learning and pragmatic approaches to cybersecurity with Darren Carroll, TierPoint’s Director of Security Product Management. In this post, we share Darren’s comments on the greatest threats to IT security and what businesses can do to address them.
Automating responses to security threats
Q: There’s a lot of talk about automating security to counter the automated attacks by bad actors on the internet. What are your views on this? Is automation enough?
Darren: It certainly helps to automate a response to known bad actors when we know them by reputation. This would include WannaCry, SQL Slammer, Petya/Not Petya, or any number of other viruses. Our virus and anti-malware applications have been doing that for decades.
We can also automate a response to known bad behaviors such as 400 log-in attempts in a minute. No one can type that fast, so we can be pretty sure that’s just some scripted bot doing a brute force attack that pounds on your active directory to try to login.
We know about these things and can and do automate responses to them to protect systems and data. It’s the unknown, those new attacks or approaches developed by someone with no reputation, that we need to fear. There isn’t much you can do to automate a response because you don’t yet know what to look for.
Protecting against the unknown
Q: So, if you can’t automate against the unknown, what can companies do to protect themselves?
Darren: The IT security threat landscape is evolving so rapidly it’s hard for most organizations to keep up with known security threats. That’s where working with a managed security services partner like TierPoint can help. We have certified and experienced IT security professionals who spend all day keeping our customers’ systems secure.
We’re also one of the first to know about evolving threats because of our position in the industry. For example, Paul Mazzucco, our Chief Security Officer, is a member of the FBI Infragard task force and the United States Computer Emergency Readiness Team. This gives us a unique vantage point and the ability to see what’s coming as well as strategies for countering these attacks.
But if you really want to build a strong IT security perimeter around your organization, you’re going to have to strengthen your weakest link. I hate to say it, but that’s probably the people in your organization.
If you really want to build a strong IT security perimeter around your organization, you’re going to have to strengthen your weakest link.
Think about it. No automated system ever clicked on a link in a phishing email, but plenty of people who ought to know better do that every day. The reality is, no matter how much training you provide your people, you never know what they’re going to do, but that doesn’t mean you should stop trying.
That’s where we get into security hygiene. The average person brushes their teeth every morning before they go to work. It’s become a habit that most of us don’t even think much about. But it didn’t start out that way. If you grew up in my house, you learned to brush your teeth when you were about two or daddy did it for you. As you grew older, you realized that brushing your teeth properly saved you the pain and cost of getting cavities filled. Eventually, you may even get to the point where you realize that flossing daily can help you keep the teeth you have and that becomes a habit, too.
Good security habits are like that. Initially, we create IT security policies and force things like password management on to people. Or maybe we need to regularly remind them not to click on links in emails from unknown senders. It may take a combination of repetition, threats, security policies and automated procedures, but eventually, our goal is to turn these things into habits.
Want to learn more about cybersecurity trends and fundamentals?
Read our Strategic Guide on IT Security where we cover topics from data security fundamentals to the latest cybersecurity trends, and more.