There have been many high profile major cyber security incidents this year, including:
- The UK National Health Service Ransomware incidents
- Equifax Credit Agency
- Verizon subscriber
- Bell Canada
There are many best practices which were obviously ignored, allowing these breaches. Equifax’s breach was caused by a months-old software patch to Apache Struts not being applied.
While there is a cost to implementing these security patches, in 2018 I hope to see decision makers put more weight on cyber security as they see the true cost of these breaches. The Apache Struts / Equifax incident for example may have required recompiling of all web applications and a maintenance window lasting a few hours, but this would be value for money compared to the total cost of the breach.
I’ve implemented and improved cyber security practices in a number of ways including:
- Automating operating system and software patch deployments on a Windows domain using ManageEngine Desktop Central, and implementing auditing to verify and report on failed patches.
- Having a thorough knowledge of technologies I use when developing web applications, allowing me to implement them securely. For example, by taking the time to learn how session authentication cookies work at a deep level, I am able to ensure my applications are secure. There are of course many more levels than authentication to secure.
- Advising local businesses when I see an insecure WiFi connection. Recently I saw a retail establishment offering free WiFi, and this network allowed access to a substantial HVAC system with a default username and password.
- Advising on the use of an encrypted VPN when travelling and using unsecured WiFi connections, to prevent packet sniffing and Man in the Middle attacks.
While it can be argued that nothing in such a connected world can be 100% secure, professional knowledge and business decisions in the field of cyber security are becoming increasingly important.