5 steps to proactively address security breaches

Businesses are constantly looking for new security strategies to keep the growing volume of cyber threats under control and to handle the security challenges posed by the adoption of remote working. The practical approach presented by Murat Kaymaz, Managing Director of Cybersecurity Soitron Group, at the CIO Council 2022 annual conference, is accessible to any organization, regardless of its size, and can ensure end-to-end protection, even at the end-user level.

Between 500,000 and 800,000 cybersecurity events are detected in Romania every day, representing 15-18% of the total volume of real threats faced by local organizations (*). The high frequency of computer attacks puts companies in difficulty, and the security challenges are amplified by the extensive adoption of remote work and Cloud services, as well as by the acceleration of the digital transformation of business processes.

All these changes at the business level increase companies’ IT security needs: as end-users, equipment, and applications move outside the network, the security perimeter model becomes ineffective, the attack surface expands, and attackers get more chances to exploit emerging vulnerabilities.

„It is obvious that any security manager likes to think that their company’s infrastructure is secure and protected. However, we recommend another approach, by which we proactively assume the existence of security breaches. If we admit their existence from the start, it is easier to go through the necessary steps to find and eliminate the breaches, making us better prepared against the vulnerabilities that will inevitably arise“, explained Murat Kaymaz, Managing Director of Cybersecurity Soitron Group.

Protection measures against security breaches

The approach recommended by the Soitron Group specialist is based on five practical protection measures, which can be applied by any company, regardless of size or field of activity:

1 – Discover and inventory all the components that make up the company’s digital infrastructure. “Inventory” should include not only the equipment and applications used by a company but also its end-users. It’s important to know in real-time all users, applications, and devices accessing your organization’s resources.

2 – Protect the identity of end-users and the applications they use. More and more employees are opting to work remotely, making it increasingly difficult to establish and verify their identities. However, the identity of the end-users has become the new security perimeter of the organizations, and the applications – which are no longer run inside the on-premises networks – represent the new network that must be protected.

3 – Prevent attacks and limit the extent of damage by segmenting your infrastructure. The larger the attack surface, the more difficult it is to protect. Segmenting into subnets lowers the effort, and if attackers manage to get past the protection systems, the damage is limited, eliminating the risk of compromising other resources through lateral movement.

4 – Invest in advanced threat detection. Businesses need security systems that can collect, correlate and analyze contextual data from multiple sources to detect attack indicators in real-time. But invest not only in solutions but also in creating security policies that allow you to quickly identify risks from end-users.

5 – Continuously monitor your network, applications, equipment, and end-users. Constant monitoring is an essential condition for organizations to be able to respond as quickly and effectively as possible to threats and attacks.

 

Identifying the necessary solutions, a difficult choice

The responsibility for applying and following all these steps rests with the IT department, but it is the security officer’s responsibility to select from the tens of hundreds of cybersecurity products offered by more than 1,500 vendors. These days, the global market for security solutions is highly fragmented and diversified, and choosing the right solution is a challenge, as it requires time, effort, skills, and experience in this niche field.

The challenge is worsened by the limited resources available on the labor market, which has been experiencing a chronic shortage of cybersecurity professionals for several years. High salary costs for specialists in the field create a budget problem for many companies, which have real difficulties in finding the necessary funds both to hire the professionals they need and to purchase the necessary security solutions. In most cases, the IT security budgets allocated within organizations are insufficient, which leads to repeated delays and postponements of projects, thus generating a further increase in the level of risk.

IT departments can reach out to services provided by security solution vendors, but each manufacturer’s expertise is focused on covering a limited area of a company’s needs. This creates a new challenge for security managers in organizations – to bring together all the solutions they have and make them work together, coherently, to ensure the protection of the entire organization.

„Within the Soitron group, we have a team of over 50 security specialists who can help you overcome these challenges. We start all the projects by carrying out a consultation and design phase that gives our customers the guarantee that the solutions we propose meet their needs, allow them to capitalize on already purchased security solutions, and meet compliance requirements. This is also facilitated by our system integrator capabilities, as well as our accumulated multi-vendor skills – we offer a broad portfolio of solutions through which we can cover customer needs. We also provide operational security support services to help our customers develop and manage their security infrastructures. Through our Security Operation Center services, we ensure monitoring and response to incidents 24/7/365. We offer all this range of services also in Romania through Datanet Systems company, which has its own local team of specialists, and which, in order to better meet the needs of customers, can access the resources available in the other countries within the Soitron group“, mentioned Murat Kaymaz, Managing Director of Cybersecurity Soitron Group.

For more details about the practical security approach proposed by the Soitron Group specialist, you can watch the CIO Council 2022 Conference presentation (below) and/or contact us at sales@datanets.ro.

______________________

* According to the National Cyber Security Directorate