2017 GSN Airport, Seaport, Border Security Awards 

April 2017 Digital Edition

Click Here

March 2017 Digital Edition

Click Here

Feb. 2017 Digital Edition

Click Here

January 2017 Digital Edition

Click Here

Nov/Dec 2016 Digital Edition

Click Here

Oct 2016 Digital Edition

Click Here

Technology Sectors

Market Sectors

5 Ways to Find the Low-Hanging Fruit on Your Network

By Katherine Teitler-When it comes to securing an organization’s network, there is no shortage of basic blocking and tackling to be done. Companies’ IT infrastructures have become so complex and interconnected that many security departments aren’t entirely aware of all the systems and people that might have network access, much less maintain the ability to monitor and act upon every alert or anomaly. As a result, and as we’ve learned through the many highly publicized breaches and security incidents, cybercriminals need not be terribly wily or sophisticated to successfully hack into targets’ networks and steal, modify, corrupt, or otherwise abscond with the information they’re after; the typical enterprise offers plenty of low-hanging fruit for free.

Organizations don’t have to work extra hard at rolling out the proverbial red carpet for attackers. Thousands of vulnerabilities are disclosed every year, and the average time to patch is somewhere between 100-120 days. Though securing everything which needs securing—hardware, software, applications, data, people—is by no means a light lift, the security team’s ability to focus on eliminating low-hanging fruit will raise the “cost” of an attack for cybercriminals. In many cases, this means your adversary will turn his attention elsewhere. If your company is a high-value, singled-out target, erecting better barriers means the attacker has to elevate his game, and you’ll have a better chance of identifying an attack earlier in the cycle…so long as you don’t “set and forget.”

I was working part time in a five-and-dime

First things first. To understand what your low-hanging fruit is, you must identify everything you have: hardware, software, devices, applications, partners/partner networks, authorized individuals and connections, data, etc., basically everything mentioned above as a challenge. Once you have a grasp on all of the assets that require security’s attention, the next step is prioritization. Which data and systems contain the most valuable assets—the “crown jewels,” if you will—that would devastate the company if compromised? With this information in hand, you can now go about building a strategy to eliminate some of the most commonly exploited vulnerabilities.

 

Recent Videos

“Varian’s Imaging Components business has a 50 plus year history of dedication to the imaging industry.”—Sunny Sanyal, Senior Vice President and...
IntraLogic's official release of the "One Button" Lockdown system on CBS 2 News.
HID Global is opening the door to a new era of security and convenience.  Powered by Seos technology, the HID Mobile Access solution delivers a...
Mobile device forensics can make a difference in many investigations, but you need training that teaches you how to get the most out of your mobile...