
How to minimize cybersecurity breaches in 2020 | Digital Shadows

Global news | BCyber | May 5, 2020


Seriously, don’t click back or close – I promise it’s not another one of those “buy all the newest stuff from X, Y, and Z!”  Give me a minute or ten to share my thoughts on minimizing cybersecurity breaches in 2020 – it will be worth it.

‘Cybersecurity Breach’ is probably the most overused scare tactic, massively searched term, and the entire reason that RSA Conference even exists today (OK, not quite, but … yeah.  It’s up there).

“You’ve been breached”, “you’re going to be breached”, “it’s not if, it’s when”, etc., etc., etc.  I know you’ve all heard it.  Heck, we’ve all SAID it.

The goal is simple:  Zero breaches/hacks/incidents.  And the reality is:  It’s not going to happen.

Spoiler alert:  There is no single pane of glass. There are no magic bullets.  There isn’t one product that will do all your systems management, updates, and alerting for you.  Contrary to what some would have you believe, no single vendor has all the products to do it, either.

That said, there are some tried-and-true methodologies, best practices, and tools that can reduce your online exposure and help minimize the likelihood of a cybersecurity breach (aka you having a Really Bad Day™).

The better news?  You already very likely have several tools at your disposal to mitigate a large amount of your pain.  Let’s get after it.

8 Ways to Minimize Cybersecurity Breaches




OK, fine.  So what?  Where do I start, right?

If you’ve Documented All the Things and Patched All the Things, you should have an idea where to start.  In some cases, finishing the L7 deployment of your firewall will help immensely with understanding and controlling application traffic.  Consider implementing DLP policies that watch at first, without an explicit block/drop rule.  Look into transparent proxies or ICAP proxies – if a user can manually bypass a proxy, they will.

Consider “always-on” VPNs for remote users.  Consider disabling split-tunneling on VPNs as well: it is less efficient, but it allows central policy control and enforcement.  SDP is also becoming more user-friendly and feasible to deploy.

Enable log collection from more devices.  Servers – of course.  Network devices – yes.  Workstations?  It depends; I would say yes in most cases, but filter & collect the relevant logs, not just “Log All The Events”.




There are no quick fixes.  And while some of the advice here may seem rote or too simplistic, the reality is that as an industry, the core tenets are not being handled properly.  Before you entertain any new technology or vendor, do an internal inventory first.

When you’ve done that, you’ll have an excellent idea of what you need moving forward.  We’d love to be part of that conversation when the time is right!

(You can learn more about SearchLight, the Leader in Digital Risk Protection, here.)


Written by: BCyber
