The coronavirus disease 2019 (COVID-19) pandemic shifted the cybersecurity landscape. According to a PR Newswire release, the FBI tracked as many as 4,000 digital attack attempts a day during the pandemic. That's 400% more than before the pandemic. In response to these attacks, 70% of CISOs told McKinsey that they believed their security budgets would shrink by the end of 2020 but that they'd be asking for significant increases in 2021.

These findings raise the question: where should CISOs be directing their security asks for 2021 and beyond?

Foundational Controls as an Answer

Network security begins with asset discovery. This foundational control advises organizations to develop an inventory of all authorized and unauthorized hardware, software and other devices. Using that information, IT security personnel can track and correct all authorized devices and software. They can also deny access to unauthorized and unmanaged products as well as prevent unapproved software from installing or executing on network devices.

Where Security Configuration Management Comes In

Once enterprises have discovered all their assets, they can move on to security configuration management (SCM). NIST’s SP 800-128, entitled “Guide for Security-Focused Configuration Management of Information Systems,” explains that organizations use SCM to ensure the integrity of their products and systems. This security control accomplishes that aim by establishing, managing and remediating deviations from configurations for those assets.

IT security and IT operations meet at SCM because this foundational control blends key practices: mitigating known security weaknesses using vulnerability assessments, evaluating authorized hardware and software configurations, and using security processes and controls to automate remediation. Towards that end, organizations can leverage a software-based SCM solution to reduce their attack surfaces by proactively and continuously monitoring and hardening the security configurations of their environment's operating systems, applications ...
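The two controls described above can be chained in one pass: reconcile discovered assets against the authorized inventory, then compare each managed asset's settings with a baseline. The following is an added example, not code from the article or from any SCM product; the asset names, setting keys, baseline values and the `assess` function are all constructed for illustration.

```python
# Added example: asset names, setting keys and baseline values are constructed.
from dataclasses import dataclass

# Baseline: setting -> (comparison, expected value). Hypothetical hardening values.
BASELINE = {
    "ssh.permit_root_login": ("eq", "no"),
    "ssh.max_auth_tries": ("le", 4),
    "password.min_length": ("ge", 14),
    "telnet.enabled": ("eq", False),
}
OPS = {
    "eq": lambda actual, want: actual == want,
    "le": lambda actual, want: actual <= want,
    "ge": lambda actual, want: actual >= want,
}

@dataclass(frozen=True)
class Deviation:
    asset: str
    setting: str
    actual: object   # None means the scan did not report the setting
    rule: str

def assess(authorized, discovered):
    """Return (unauthorized assets, authorized assets not seen, deviations)."""
    unauthorized = sorted(set(discovered) - set(authorized))
    not_seen = sorted(set(authorized) - set(discovered))
    deviations = []
    for asset in sorted(set(discovered) & set(authorized)):
        for setting, (op, want) in BASELINE.items():
            actual = discovered[asset].get(setting)
            try:
                # Fail closed: a missing or wrongly typed value is a deviation.
                ok = actual is not None and OPS[op](actual, want)
            except TypeError:
                ok = False
            if not ok:
                deviations.append(Deviation(asset, setting, actual, f"{op} {want!r}"))
    return unauthorized, not_seen, deviations

# Constructed sample data standing in for an inventory and a scan result.
AUTHORIZED = {"web-01", "db-01", "hr-laptop-07"}
DISCOVERED = {
    "web-01": {"ssh.permit_root_login": "no", "ssh.max_auth_tries": 3,
               "password.min_length": 14, "telnet.enabled": False},
    "db-01": {"ssh.permit_root_login": "yes", "ssh.max_auth_tries": 6,
              "password.min_length": 16},
    "unknown-iot-3": {},
}
```

Calling `assess(AUTHORIZED, DISCOVERED)` flags `unknown-iot-3` as unauthorized, reports `hr-laptop-07` as not seen, and returns three deviations for `db-01`, including the setting the scan never reported.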