Note that none of this advice is “buy this magic silver bullet”…:
[…] Here’s the bottom line: Cybersecurity is a team sport. The average American has around five devices connected to the internet. Our identities are increasingly connected to the digital world and companies are collecting and storing personal information now more than ever before, with more personal details.
In my line of work, when monitoring the surface, social, deep and dark web, I frequently find leaking devices and subsequently contact the affected company directly, working with them to secure their vulnerabilities and provide recommendations on mitigation. Five steps I often recommend to proactively protect an organization are as follows:
- Get back to basics – Perform basic security hygiene and make sure your systems are up-to-date with the latest patches and security updates. Work with your partners and configure your cloud servers properly. Amazon training is free.
- Perform open-source intelligence (OSINT) research – Understand what is being said about you and your organization at all times. Attribute potential adversaries; could they be real threats? What information do they have access to? Know their motive and capability level.
- Understand an incident’s blast radius – How was the organization impacted? You may be a casualty from an exposure.
- Watch out for squatters looking to take advantage of the breached public – sites such as capitalonecreditcardbreach[.]com, capitalonebreach[.]com, capitalonedatabreach[.]com were all registered on July 30th, 2019 in hopes of targeting the victims of these breaches. Monitor how bad actors can take advantage of your brand and business.
- Always use any breach incident as a learning lesson – Learn from others’ mistakes; war game your controls, test your people, processes and technology.
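
The squatter-monitoring step in the list above can be run as a triage pass over a feed of newly registered domains. This is an added example, not part of the quoted article: the keyword list, the lookalike table, the `.example` domains and every function name are assumptions, and only the three capitalone…[.]com names come from the text.

```python
# Assumed watch lists (not from the article): brand tokens and incident-themed keywords.
BRAND_TOKENS = ["capitalone"]
INCIDENT_KEYWORDS = ["breach", "databreach", "hack", "leak", "settlement", "claim", "refund"]

# Assumed lookalike folding: digits and i/l collapse to one canonical letter.
CANON = str.maketrans({"0": "o", "1": "l", "i": "l", "3": "e", "5": "s"})

def refang(domain):
    """Undo the [.] defanging used in reports and lowercase the host."""
    return domain.strip().lower().replace("[.]", ".").rstrip(".")

def canon(text):
    """Drop hyphens and fold lookalike characters so cap1tal-one matches capitalone."""
    return text.lower().replace("-", "").translate(CANON)

def score_domain(domain, official):
    """Return a finding dict for a suspicious domain, or None if it is not of interest."""
    host = refang(domain)
    if host in official or any(host.endswith("." + o) for o in official):
        return None  # the organization's own domains and subdomains
    # Join every label except the TLD so brand.keyword.tld is caught as well.
    squashed = canon("".join(host.split(".")[:-1]))
    brand = next((b for b in BRAND_TOKENS if canon(b) in squashed), None)
    if brand is None:
        return None
    hits = [k for k in INCIDENT_KEYWORDS if canon(k) in squashed]
    return {"domain": host, "brand": brand, "keywords": hits,
            "priority": "high" if hits else "review"}

def triage(feed, official=("capitalone.com",)):
    """Score a feed of newly registered domains; brand+keyword matches sort first."""
    findings = [f for f in (score_domain(d, official) for d in feed) if f]
    return sorted(findings, key=lambda f: (f["priority"] != "high", f["domain"]))

# Constructed feed: the first three names are quoted in the article, the rest are made up.
SAMPLE_FEED = [
    "capitalonecreditcardbreach[.]com",
    "capitalonebreach[.]com",
    "capitalonedatabreach[.]com",
    "cap1tal-one-refund.example",   # constructed lookalike with a hyphen and a digit
    "capitalone-careers.example",   # constructed: brand only, no incident keyword
    "bakery.example",               # constructed: unrelated
    "www.capitalone.com",           # official host, must be ignored
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_FEED):
        print(finding["priority"], finding["domain"], finding["keywords"])
```

Findings marked `high` combine the brand with an incident keyword, which is the pattern of the July 30th, 2019 registrations; `review` findings carry the brand alone.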