For the security health of an organization to be robust, it is necessary to move from a reactive state to a proactive one.
Five ways to become proactive in securing the organization are:
- Examine existing systems and architecture [10]
Irrespective of how much an organization has already invested in “security”, it should start by examining the security architecture and the systems that are already in place. A loophole between two processes, or a misconfiguration of a high-end firewall, can collapse the entire security model. Also, looking at the existing systems from a “security” viewpoint can help identify serious lapses which need to be addressed.
- Identify systemic vulnerabilities
Systemic vulnerabilities are those that affect “more than just the current system or individual systems under development” [10]. Many of these vulnerabilities may have been overlooked, not considered as “vulnerabilities”, and accepted as part of the organization's culture. A systemic vulnerability may not currently be under any jurisdiction, so “tracing the origin of practices and policies is mandatory for a true evaluation of organization behavior and, consequently, the security of the organization” [10]. A systemic vulnerability can bring down not only an individual system but also the entire organization.
- Identify existing security plans and procedures [10]
An organization may already have a few documents pertaining to security and procedures in place. Reviewing this legacy information is imperative, as changes need to start from these documents. These changes should then be addressed with the entire staff: the discontinued items should be highlighted, and the new changes should be made known clearly and completely.
- Identify the gaps in security policies
If the organization has security policies already in place, it is important to determine “the coverage of those policies and, at minimum, establish a default authority for incidents outside of what is defined.” [10] Ideally, the organization would have a response team identified for likely scenarios, but it might not be possible to predict every eventuality. These scenarios tend to change with technology and time, “so eliminating stale scenarios and establishing a wide coverage of contingencies is imperative.” [10]
- Identify software lapses and unpatched systems
Legacy systems pose some of the biggest risks to an organization’s infrastructure as they remain known targets to potential attackers. If an attacker can discover a path to a known system, “it increases the attack surface with potentially unknown consequences to your organization.” [10] Eliminating dangerous legacy equipment should be a priority, and mitigating access to it should be a “stopgap measure” [10]. Patches and software updates should be routinely applied, and there needs to be a check in place to ensure that legacy systems are patched on priority.