Strategies to deal with cybersecurity risks

Vulnerabilities in internet services can be found every year, especially if they are popular, since there will be more eyes on them trying to attack.

For example, a vulnerability was discovered in one of the Apache modules, software used to host numerous websites around the world, and that could be exploited; that is, if a user had the "vulnerable" module installed, he could be a victim of code execution. On the other hand, a vulnerability was discovered in Windows 11 that allowed attackers to gain administrator access and perform any activity on computers.

For their part, people are becoming aware of the importance of cybersecurity. According to a Mastercard study, 87% of Latin American consumers are aware that they may be victims of cyberattacks, 75% have been victims and 70% have taken measures to protect themselves.

Cyberattacks become a problem when many users can be affected.

Therefore, today we share this article with you to teach you how to deal with cybersecurity threats.

What will you find in this article?

• Cybersecurity today

• #1. Reduce exposure area

• #2. Process automation

• #3. Convey cybersecurity as something positive

• #4. Anti-fragile models

• #5. Technologies, people and processes

• Final reflections: What is the evolution that we propose?

Want to hear the full interview? Haz click aquí 

Cybersecurity today

Organizations, as well as the cybersecurity function itself, are transforming. And when we talk about this transformation, it is supported by three fundamental elements:

1. An increasingly strong government for decision making. Until now, standard operating procedure was to develop risk management skills and make decisions based on risk methodology. However, it is necessary to go a step further and extend these models to include uncertainty models.
2. The usage of technologies by companies. Our cybersecurity function is being transformed by three technology solutions: (a) data-driven cybersecurity, (b) automation-based cybersecurity, and (c) machine learning-based cybersecurity.
3. The operational efficiency of the cybersecurity function. In the cybersecurity role, all projects should be encouraged on how to do more with less.

#1. Reduce exposure area

The first tip is to upload as few applications as possible to the Internet.

If your company needs a public-facing application, make it available on the Internet. If it is an application that must be seen by your employees or suppliers, do not put it on the Internet; instead, keep it “in house”.

This way, when a vulnerability is discovered, they are more likely to try to attack it from outside your “house”.

• If you have no other choice and the application must be on the Internet:
• It determines which of those programs has the vulnerable module loaded.
  Disable the module or update it to a newer version.

#2. Process automation

Process automation is evolving in an interesting way, although it must be taken into account that it has been the workhorse of cybersecurity for the last two years.

To make activities more efficient, deploy solutions that help automate repetitive procedures. For example:

• Attention processes.

• Response processes.

• Incidents.

• User creation.

• Privilege control.

In general, tasks need to be completed on a daily basis.

As a result, people can focus on more important issues such as decision-making, research, and reflection on how to improve cybersecurity.

#3. Convey cybersecurity as something positive

Our executives frequently state in meetings that they don't know about cybersecurity issues, yet they are presented with projects that they must panic to approve, and they don't know if it's going to create a benefit or if it's going to work.

Consequently, the aspect that calls our attention is that we must begin to turn the message of cybersecurity into something positive. At A3Sec we consider it as a tool that helps to recover losses.

We like to use Formula 1 racing as an example. In a Formula 1 car, what do you think the brakes are for?

Whoever has the best brakes will give the fastest lap. The same can be said of cybersecurity; a competent approach will help you achieve your business goals.

#4. Antifragile cybersecurity models

The establishment of cybersecurity models that are resilient has been discussed, however, in A3Sec we change the paradigm from resilient models to anti-fragile ones.

Imagine an elastic that has been stretched; after releasing one of its sides, it will return to its original state. The concept of a resilient model is the same: if we are attacked, we will rise again, but we will continue to be the same, with the same techniques and we will continue to be vulnerable.

An antifragile approach, on the other hand, encourages us to constantly evolve.

It's okay to have failures, incidents and know how to manage chaos; the essential thing is to learn from them and improve our security model instead of repeating the same mistakes. It is changing the security paradigm, presenting an adaptive security model in which we evolve when there is an error or failure.

#5. Technologies, people and processes

The three fundamental aspects are technology, people and procedures.

However, people believe that as technology advances, people will become less useful; nothing is further from reality.

The combination of these three elements will gain strength. On the contrary, it will increase your effectiveness, and each component will expand your capabilities.

Although the terms are becoming more complicated, cybersecurity controls are the same ones that have worked for years and continue to evolve. The message is to dig in, understand the requirements and scope of work, and assess the cost-effectiveness of replacing old constraints with new technology.

Final reflections: What is the evolution that we propose?

Data

At A3Sec, we believe that data-driven decision-making is the best way to go. Companies are getting it, and they are focusing their transformation efforts on data. To do this, you must:

• Understand how you are.
• Be aware of what is happening in the world around you.
• Be aware of what you have to protect.

It can help you with the last point if you have a clear asset inventory, understand the assets you need to secure, and validate their vulnerability status.

Understand the threats

To get started, identify use cases or attack indicators. To do this, you will have to design a strategy to detect these dangers. Next, find out what's going on and if it's critical.

Finally, you have to learn to recognize the unknown. Although it is true that you do not know what the attackers' strategies and/or tactics are, you can capture unusual situations.

At A3Sec we divide this information into four categories:

1. The known good. Infrastructure that you are going to protect.
2. The known bad. All indicators of compromise that are generated in security intelligence: url, IP addresses.
3. The unknown good.
4. The unknown bad.

Now it's your turn, has your company been the victim of a cyberattack? What prevention measures do you use?