Page 92 - Cyber Defense eMagazine Annual RSA Edition for 2024

So, what are these common causes? I’ve previously worked in security incident response. The top three causes which resulted in ransomware we saw were: credential leakage, unpatched applications or infrastructure exposed directly to the internet, and over-sharing of resources.

Cyber hygiene, or to continue our health analogy "eating your security vegetables," involves maintaining minimum standards for security configuration and operation to reduce the chance of needing the triple bypass (or expensive, business-impacting data loss).

While prioritizing security measures may not be as glamorous as product development, it's indispensable for minimizing risk and fostering a resilient security posture. Collaboration between security and builder teams is pivotal in embedding cyber hygiene practices into organizational culture. We should start to think of cyber hygiene in the same way we do health and safety. It’s obvious that the humans in our organizations need to be protected, and there is legislation and governance to make sure we operate safely. Cybersecurity is the same: we need to operate safely in protecting our data. Prevention is better than needing a cure!

Security teams play a crucial role in facilitating secure product development. They are not there just to provide guidance, but to make sure that the mechanisms exist for the builder teams to build secure and resilient systems. Much like exercise is easier when you incorporate it into your daily routine, security is easier when it’s part of your day-to-day work. This means security teams and builder teams must work together to integrate security activities seamlessly into existing workflows. This minimizes friction and can increase business productivity, because security work is not ‘extra’. For example, if builder teams are granted just enough access to do their job rather than overly broad permissions, that reduces risk. If data is only accessed by those with a business need, that reduces risk.

So, we need to not only treat the symptoms of a lack of cyber health (or hygiene), but address the root causes. Some of this is technology choices around access, data protection and monitoring. But I would argue that the cultural approaches to working collaboratively between security and builder teams are more important. The technology choices will evolve, but if security works to make it easier for builders to make good (healthy) choices, and builders consider security one of the quality metrics for systems, then the whole organization will be better.




About the Author

Paul Hawkins is the CISO of CipherStash, a data security company that utilizes groundbreaking searchable encryption technology. Before CipherStash, Paul worked at AWS as Principal in the office of the CISO, where he worked on methods to secure customer data, running their security programs without causing friction to their business.

Paul can be reached online (LinkedIn) and at our company website cipherstash.com
