Page 3 - index
P. 3
Managing Risk Requires Patience and Consistency
Friends,
In this month’s edition of Cyber Warnings, we put a major focus on
understanding Risk and dealing with key issues that help you reduce it.
Not only is threat mitigation a key component, but also, patch
management, consistently managed helps reduce your exposure.
There are so many new types of threats – whether it’s they bring your
own devices (BYOD) dilemma you now face or systems constantly being
opened up to data leakage, mostly by accident of your employees. You also have to deal with the
fact that new operating systems, such as Windows 10, aren’t offered for free without a price – it’s
Microsoft, just like Apple and Google, gaining a foothold into your organization beyond what they
should have, by deeply accessing private information and content – from images to voices and
keystrokes.
We face a new challenge where the OS vendors themselves have accidently, for their own benefit,
opened your network to backdoors for eavesdropping – whether by advertisement networks,
malware or other cyber threats. So, it’s truly a most important moment in time for network security
to include privacy concerns in your risk management and mitigation strategy. Patching Windows 10,
for example, may fix holes that reduce the risk of an exploitation by new malware, yet without
turning off a plethora of privacy-risk features, native backdoors remain open and data leakage
through your firewall could be happening without your knowledge.
I hope you will read through this edition of Cyber Warnings on the theme of risk management and
mitigation by better understanding that patch management is incredibly important, but alone, it’s
only a tiny part of the new equation for network security. In addition, while the shifting of risk to the
cloud, ie, other service providers might seem like a great approach, if you allow third parties to have
any access to customer records or personally identifiable information (PII), your cloud services need
to be as security and private and you would offer if you were managing the entire cloud offering,
yourself.
To stay one step ahead of the next threat, you need to reduce risk at all network touchpoints and
data access points under your control, even if you’ve offloaded the hosting to others. Ultimately, be
consistent in your risk management analysis and be patient in your organization’s adherence to
your policies. With good training and a positive attitude, you can improve your security posture and
mitigate the risk of exploitation.
To our faithful readers, Enjoy
Pierluigi Paganini
Pierluigi Paganini, Editor-in-Chief, [email protected]
3 Cyber Warnings E-Magazine – September 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
