Here are some suggestions to help improve your security posture and reduce security incidents.

January 30, 2019


By Ivanti Blogger

Breaches remained prevalent in 2018, and the trend is expected to continue. Several high-profile breaches pushed a world already drifting toward stricter privacy regulations like GDPR to take further action, such as the California Consumer Privacy Act of 2018. It’s safe to say that in 2019 we will continue to see data breaches occurring. Likewise, you can expect to see additional privacy laws being put into effect to help keep those affected informed of exposure and to push companies to be more diligent in their security, responsible with their customers’ data, and held accountable where necessary.

Ivanti’s security products are focused on helping our customers mitigate or eliminate security incidents that often lead to data breaches. Here are some suggestions to help improve your security posture and reduce security incidents:

  • Close the gap on continuous vulnerability management. Most vulnerability management programs provide vulnerability assessment and integration into SIEM or SOAR platforms to aggregate and prioritize your overall security posture. However, the next step to remediate and close the gap is often manual. Look to bridge this gap in 2019 by automating handoff to Patch Management and other solutions.

  • Reduce time to patch. Our biggest challenge in security is time. The longer a vulnerability is exposed, the more time an attacker has to exploit it. Many companies find that a security incident involved a vulnerability whose update had been available for over a year, but many vulnerabilities whose update has been available for only two to four weeks are compromised as well. Prioritizing the highest-risk vulnerabilities and resolving them in under two weeks reduces your exposure significantly. Find ways to prioritize the most urgent vulnerabilities faster and close that Time to Patch window.

  • Implement application controls. It’s all about trust. If you cannot validate trust, deny it. That applies to zero-day defense, ransomware defense, and malware in general. Application Control is arguably the most effective security control you can implement, but it is also one of the most challenging due to scope and complexity. This can be especially challenging in a world where we need to enable our users with self-service capabilities. Having trust models that can provide baselines of applications that are easier to consume and maintain can reduce your cost of ownership.

  • Enforce better privilege management. While many security breaches start with a software vulnerability being exploited by targeting a user and having them open the door for the attacker, once in a system it’s all about the permissions. What is the attacker allowed to do? If the compromised user had reduced privileges, attackers would be slowed because they would need to find a way to elevate their permissions before they could do something more substantial. This is not the limit of what you should be concerned about with privilege management. A threat actor will often compromise a system, then use tools like Mimikatz to compromise a set of credentials that have more access. From there, threat actors will use a known user and supported system tools in the environment to move about and find their way to valuable data. You need to look beyond least privilege, and also consider contextual rules that limit further lateral movement.
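One way to automate the scanner-to-patch handoff and track the two-week window from the first two suggestions above. This is an added example, not Ivanti's code; the finding fields, the 9.0 score threshold and the VULN-* identifiers are constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import date, timedelta

PATCH_WINDOW = timedelta(days=14)   # the "under two weeks" target from the text
HIGH_RISK_SCORE = 9.0               # assumed cut-off for "highest-risk"

@dataclass(frozen=True)
class Finding:
    host: str
    vuln_id: str          # constructed placeholder, not a real CVE number
    score: float          # scanner severity on a 0-10 scale (assumed)
    exploited: bool       # threat feed reports exploitation in the wild
    patch_released: date  # day the vendor update became available

# Constructed sample of vulnerability-assessment output
FINDINGS = [
    Finding("hr-laptop", "VULN-C", 5.3, False, date(2017, 11, 14)),
    Finding("db01", "VULN-B", 7.5, True, date(2019, 1, 22)),
    Finding("web02", "VULN-A", 9.8, False, date(2019, 1, 8)),
    Finding("web01", "VULN-A", 9.8, False, date(2019, 1, 8)),
]

def build_patch_queue(findings, today):
    """Turn raw findings into one deployment job per update, most urgent first."""
    by_vuln = defaultdict(list)
    for f in findings:
        by_vuln[f.vuln_id].append(f)
    queue = []
    for vuln_id, items in by_vuln.items():
        ref = items[0]
        due = ref.patch_released + PATCH_WINDOW
        queue.append({
            "vuln_id": vuln_id,
            "hosts": sorted(f.host for f in items),
            "high_risk": ref.exploited or ref.score >= HIGH_RISK_SCORE,
            "days_exposed": (today - ref.patch_released).days,
            "due": due,
            "overdue": today > due,   # time-to-patch window already missed
        })
    # Highest-risk jobs first, then whatever has been exposed the longest
    queue.sort(key=lambda j: (not j["high_risk"], -j["days_exposed"]))
    return queue

if __name__ == "__main__":
    for job in build_patch_queue(FINDINGS, date(2019, 1, 30)):
        print(job)
```

Each job in the returned list is what would be handed to the patch management tool; the `overdue` flag makes missed windows visible in the same pass.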

There are some bolder predictions as well that we believe you should be aware of. Keep these on your radar as you look at future security initiatives:

  • In 2020, companies that are unable to move away from Windows 7 and unwilling to pay for extended support from Microsoft will face critical vulnerabilities that leave them exposed to significant risk, with limited means to mitigate those vulnerabilities.

  • By 2020, we will see a major corporation assessed the maximum GDPR fine of 20 million euros or 4% of annual revenue.

  • By 2021, organizations’ “operational knowledge”—built from a combination of human and AI “learning”—will become both a sellable asset and a target for hackers. Knowledge will become a true $-value asset.

  • By 2021, our identity will—reliably and consistently—be our own faces or other bios. Text passwords will finally be dead.

  • In 2019, at least one organization’s future existence will be impacted by a data breach.

  • By 2020, Microsoft will be the largest AV vendor in the market. It will have over 50 percent of that market and will be recognized as the trusted AV vendor.

Need some help increasing your IT security posture? Tell us what initiatives you want to take on in 2019, and click here to check out the rest of our predictions for security and beyond.

Chris Goettl is Ivanti’s Director, Product Management, Security.

This guest blog is part of a Channel Futures sponsorship.
