By Terry L. Allen, OXEN Technology
Happy New Year to you wherever this article finds you. I am finding “new wind” in this new year despite the difficulty that continues to surround us. As I think about challenges with the ongoing pandemic, economies, supply chains, monetary inflation, workforce supply, politics at home and abroad, and cybersecurity — I am more committed than ever to meeting the challenges of our time.
Maybe it’s the times we find ourselves in, or the experience that comes from getting older, or both, but the challenges we face feel overwhelming. For Gen-X (those born approx. 1965-1980), our parents’ and grandparents’ generations saw many of our present challenges in the 20th century with wars, pandemics, geopolitical tension, economic hardships, and likely supply and workforce pressures to go with it. This new year 2022 might be a different calendar of time, but we have been here before in history and lived to talk about it with one relatively new exception: cybersecurity.
As I look back over the past year, 2021 was a defining one for cybersecurity. Recounting some of the year’s most impactful incidents:
- A severe vulnerability in the Log4j logging framework, which is present in untold numbers of devices worldwide.
- A ransomware attack on Colonial Pipeline that resulted in gas shortages on the U.S. East Coast.
- An attack on Kaseya, an IT management platform used by IT service providers, that affected thousands of downstream client networks with ransomware.
- An on-premises Microsoft Exchange Server (ProxyLogon) vulnerability so bad that the US FBI was ordered to take the unprecedented step of intervening, uninvited, on private mail servers to mitigate the damage.
- The “PrintNightmare” vulnerability in the essential document printing subsystem of every single Microsoft desktop and server.
- An attack on a Florida water utility that resulted in the near poisoning of the water supply system.
Ideally, software defects are found and reported proactively, and fixed privately, before being disclosed publicly. In many of the above cases, everyone was finding out that the fox was already in the hen house! Zero-day attacks occur when defects in a particular software system are found to be actively used by malicious actors to attack computer systems before IT teams and software manufacturers have knowledge and can take appropriate action. Everyone is playing catch-up when a zero-day vulnerability is disclosed, especially if it’s actively being used to attack people. If zero-day concerns weren’t enough, countless other incidents that didn’t make the headlines last year resulted from a breakdown in applying cybersecurity fundamentals.
As we think about our 2022 cybersecurity action plans, we must renew a focus on addressing the fundamentals of cybersecurity. Some places to start: have a security operations center to monitor your cloud and endpoint devices, upgrade your traditional “antivirus” with next-generation capabilities found in Endpoint Detection and Response (EDR) solutions, and secure your Microsoft 365 cloud using a community-accepted configuration standard, among other things.
The fundamentals of cybersecurity apply everywhere, even in the cloud, and the ‘devil is in the details’ when it comes to how secure your technology is. Conducting a thorough review of your IT systems is vital to ensure you are minding the gaps. Lastly, utilize a credentialed third-party cybersecurity consultant to help you on this journey. Existing IT teams often lack the skills, toolsets and/or time to intentionally focus on cybersecurity.
In closing, I want to encourage you to be intentional about your cybersecurity in 2022. Security happens on purpose — not by accident. Don’t make assumptions, don’t leave it to chance, don’t rely on cyber insurance only, don’t be defeatist. Address the fundamentals of cybersecurity, identify and protect all your IT assets, equip your people with security awareness training, engage third-party advisers, and make cybersecurity accountable at an executive level. Know where you are in your journey and what your next step is, and take it! OXEN Technology wants to journey with you in 2022 as a trusted adviser in your business and your cybersecurity. We are all in this together — 2022, here we come.
Terry L. Allen is a Certified Information Systems Security Professional (CISSP) with OXEN Technology in Joplin, Missouri, serving community banks as a cybersecurity consultant. For more information, he can be reached via email at firstname.lastname@example.org. He can also be found talking passionately about IT and cybersecurity topics on YouTube and on LinkedIn.