It is like a horror movie we have all seen where, for some strange reason, the characters are dumb and they go to the basement or they check that closet. Or someone gets robbed at their home, the police are reviewing the crime scene, and the homeowner had an alarm system that they never activated because, as they say, “I just thought it would never happen to me!” Or here is the classic: “you lock the front door and the back door is wide open and you wonder to yourself how could that happen?”
It is like that in companies and securing your environment. We overlook the obvious! Or we do the dumbest things in our quest to secure our company's valuable intellectual property. From my role as a CIO of a manufacturing company in Chicago and my 20+ years of experience in the IT field, I have seen it all, and still nothing surprises me even to this day. I always have to stand back from the controlled chaos of everyday work life, review the obvious, and make sure I am not overlooking anything that can bite me later. It is not about spending the most money; it is about good old-fashioned review and double-checking your work. I call it looking for the “Free Stuff.”
A little good old-fashioned hands-on review never hurt anyone. Here are some basic items to review for that “obvious” “aha moment” or the “Free Stuff” that, I feel, if always reviewed, is your first line of defense.
• Are my servers/workstations patched for all critical patches?
I had a conversation on system patching with Special Agent Aaron Van Hoff, who works “cyber matters” in the FBI Chicago field office and has 12 years with the FBI investigating incidents where a company or person is compromised by a technology hack. With his permission, I quote:
“Keeping systems up-to-date with the latest patches and hotfixes is a baseline principle of IT security, but unfortunately at times, it is a glaring oversight that we see in some victim companies that have been hacked. In post-incident review, it is often discovered that critical systems were left unpatched either since installation or over an extended period of time. With the window increasingly shrinking between when vulnerabilities are discovered and when malicious actors develop exploits for those known vulnerabilities, it is crucial for IT security professionals to work quickly within that window in order to safeguard their systems from known threats.”