Posts Tagged ‘technology’

Not so basic but definitely essential.

We keep talking about new shiny, and increasingly fragile, controls that will prevent attacks or fiendishly clever algorithms or AI to which we can outsource all that hard or fast thinking we’re not good at but we are all still staring down the barrels of a loaded data breach gun waiting for it to go off. The thing is we seem to be holding that gun to our own heads and it’s not like we don’t realise. All the talk of ‘basics’, ‘essentials, ‘foundations’ points at a relatively common set of issues usually focused on some combination of the following:

  • IT Maintenance (patching, replacing end-of-life platforms, inventories, baseline builds etc),
  • Network security (internal segmentation),
  • Access Management (efficient joiners, movers, leavers processes, privileged user management)
  • Security Monitoring (effective visibility),
  • Incident Response (tested plans, exercised staff)

(more…)

Twitter RSS