Optimizing Costs and Eliminating Excessive Alerts by Combining Splunk and STEALTHbits Introducing...
How to Get Started with Cybersecurity
When it Comes to Cybersecurity, Fancy Gadgets Aren’t the Place to Start - People, Policy and Procedure are Key
I Need Security and I Need it NOW!
You're here because you've realized that your organization is a little behind the cybersecurity curve. Perhaps you have an audit coming up, or even worse you recently failed one. Or maybe you need to become compliant with a program like FISMA or FedRAMP.
Whatever the reason, you need to get your organizations cybersecurity posture up to date and in order. But how do you even start?
The most common mistake organizations make when trying to update their cybersecurity posture is going out and buying a bunch of incredibly expensive security technology. They acquire a few new firewalls, a malware product or two, something for endpoint management and patching, and a few threat intelligence source subscriptions. Then they top it all off with a shiny new SIEM. Organizations invest massive amounts of money in high tech products that give them no value because they don't have the engineers and analysts they need to extract actionable intelligence.
Don't get me wrong, you are going to need a SIEM, and you are going to need virus scanners, patching compliance, solid threat intelligence and log management. But there are other things you need to get in order first.
You Need the Right Folks
The precursors to a successful cybersecurity program are people, policy, and procedure. I don't know how many times I've shown up at a customer to install Splunk Enterprise Security only to find out they don't have logging policies in place or have any idea what security events they want to monitor. I can and do guide them through these decisions, but it expands the scope and timeline of the project; especially if that need wasn’t anticipated.
To get started, you need people who understand the security controls your organization has to meet and know how to help you achieve those goals. Every institution should have a team capable of crafting strong policies and implementing technology to ensure the monitoring of your environment and to enforce your organization's security regulations.
Make no mistake that security is a full-time job for this team and often still a part-time job for most of your IT staff. From the system administrators who implement access and authentication methods to the network administrators who ensure the proper configuration of the routers, switches, and firewalls, everyone has a role to play. It's the responsibility of your security team to ensure they are doing so.
Once you have your people and your policies in place, then you get to buy the tech toys. It can be hard to secure the funding for cybersecurity professionals; the good ones aren't cheap and the demand for their time is high. However, in the long run, it will save you money. They can help you avoid unnecessary expenditures on overlapping software, get some easy controls in place to deter script-kiddies and recreational hackers quickly, and help your organization start to develop the security mindset that will lead to exceptional success over time.
We Happen to HAVE the Right Folks!
Want to know what August Schell can do for the security of your agency? Our security professionals are savvy, competent, experienced, and standing by to help you. Reach out to August Schell today, or call us at (301)-838-9470.