Journey to a Cybersecurity Strategy - Security Boulevard

SBN Journey to a Cybersecurity Strategy

It’s Cybersecurity Awareness Month! In honor of the theme — Do Your Part. #BeCyberSmart — we’re doing our part by educating IT teams and organizations on protecting themselves. Throughout October, the JumpCloud blog will focus on top cybersecurity issues, from IT admin best practices to CISO responsibilities. Tune back in throughout the month for new cybersecurity content or check out our archive of existing security articles for cybersecurity insights written specifically for the IT professional.

Every journey has a starting point and cybersecurity doesn’t need to be as unapproachable as it’s often made out to be. There was a point in my career when I was suddenly responsible for the implementation of a security strategy and became a de facto security analyst overnight. The key is to look at it as a process and break it down, rather than as ’stuff’ that you purchase, or as some dark art that’s impossible for mere mortals to master. My sense is you have found yourself in this position too; or if not now, will at some point. This article shares helpful lessons I learned.

My path toward becoming a security analyst began then and there and wasn’t voluntary: nobody else was going to take the reins and the nascent threat of ransomware was looming over my company. This happened on the cusp of Wannacry when a series of SMB and processor related vulnerabilities were disclosed and millions of PCs were suddenly at risk. My primary argument for taking on this responsibility was that it was only a matter of time, and I was fortunate enough to have received C-level buy-in with a strong understanding of the risks involved, especially as the company was venturing into a growth phase with new products and investments made across the board.

I knew enough about security “to be dangerous” with significant interest and exposure to the industry and principles, but at this point in my career I had not run a security program in earnest. It was reasonable to ask my industry friends and our MSP partner for guidance. That led to a list of tactics (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by David Worthington. Read the original post at: