At this point, anybody in the IT world would have to be living in a cave in the wilderness to not know that October is Cybersecurity Awareness Month. (And since there’s no Wi-Fi in wilderness caves, that scenario is admittedly unlikely.) This week, I wanted to take a closer look at a couple topics, one for work and one at home.
Automation is a must! There is no other way of saying it. Most security teams are understaffed and overworked, and when properly implemented, automation can do the work of many. For example, how long does it take to implement a recent acquisition’s intellectual property into your security processes? Months? Years? What if it could be done in less than a week, or even a day?
In today’s world, most software exposes APIs. This allows custom integration into your security processes. With the right resource, custom automation can be created to enhance any security program. It ensures that all of the requirements are being followed.
Application security can ensure that every single line of code checked into a repository is scanned, and results are shared on a common dashboard. Network security can ensure that any new resource added to the network follows company’s standards. Cloud security can ensure that resources are being used appropriately and not opened to bad actors.
Finally, security issues identified by your processes can auto generate work items in popular ticketing systems. This ensures that the issues identified do not fall through the cracks.
This is a good time to sit down with your teams and discuss the benefits of automation. Do not let this slip through the cracks.
Over the past several years, companies have changed their approach to software development. Today’s development atmosphere is focused on hitting deadlines. If any bugs or security issues are found, update the software accordingly and release it as an update or hotfix. How many times have you seen an “Update Now” or “Live Update” in your applications? Because of this, make sure that you regularly apply updates to your home devices or applications. This may be more complicated than you realize. Not everything is going to flash that ‘Update Now’ signal, and there are security risks in devices you might not even be aware of throughout your home. If you aren’t an IT professional (and, let’s face it, even if you are), many of these security risks may not be on your radar. Here are just a few of the routes that bad actors can use to compromise a network:
One more thing: Many of these devices are enabled for both Wi-Fi and Bluetooth connectivity, and both avenues need to be secured. Why? Because your WI-FI-enabled devices can be potentially compromised remotely, while your Bluetooth devices can be compromised within 30 meters of the device. Here are my recommendations for security best practices for your home:
Learn more application security tips in our new white paper, “Top Tactics for AppSec Innovation.”