The exponential adoption of new cyber security-related tools is a growing problem in the cyber security world, cautions Steven Usher, Senior Analyst, Brookcourt Solutions
Year-on-year, the number of cyber security tools being used by companies of all sizes is growing at a rate that many consider unsustainable in the long term. This almost frenetic rate of adoption could lead to cyber security issues; in fact, it already is.
While this situation is notable, what is more of a concern is that companies are rushing to adopt newer and more complex technologies to deal with ever-expanding cyber security threats when they have rarely, if ever, got even the basics right. I am talking here about firewall rules; base endpoint security policies; data loss prevention or, at the very least, awareness of what data is on their network; and a robust and sensible password policy. Most of all – in my eyes at least – most companies do not have an up-to-date inventory of what hardware and software is on their network.
Essential Building Block
Knowing what you are protecting should be considered one of the main building blocks of creating a cyber security program within your organisation. The fact that this often seems not to be the case is a concern. How do you protect and defend what you do not know about? The same applies to a software inventory – without knowing what is currently in use in your organisation, how do you determine which patches have priority, where the major points of potential ingress are or who is at the greatest risk of exploitation? Over decades of dealing with incidents, it has been common for unknown hardware or software to have a hand in the incident.
Both hardware and software inventories are made more complicated in the modern world by concepts like BYOD (Bring Your Own Device), which allow all sorts of hardware onto networks and inside the defences of an organisation. While there is the idea that, with solid security policies, BYOD can be managed appropriately, the truth is that BYOD is a true security nightmare and often results in the overall weakening of an organisation’s security posture. Another concept that is worth considering here is WFH (Work From Home). While company hardware can be sent out to users and centrally managed, there are various other pieces of hardware on that home network, and even the hardware used to host the network in that home – for example routers – that are not only unknown and not monitored or updated appropriately, but simply are not capable of being managed in the first place.
There is no magic method to solve this issue. There are products that can help considerably with scanning, listing and, more importantly, managing the various hardware and software found on the networks, but it is down to the people to constantly question, scan and investigate to ensure that any and every possible piece of hardware and software is documented and known about.