COMMENTARY
The convergence of rising cyber threats, advanced artificial intelligence (AI), remote work, and hybrid infrastructures presents significant cybersecurity challenges in today’s IT landscape. Consequently, it’s a necessity to make your endpoints, cloud infrastructure, and remote access channels more secure. As cyber adversaries adopt new tactics, organizations worldwide respond by expanding the use of continuous threat exposure management (CTEM) strategies, investing in robust security solutions, and leveraging cross-functional collaboration to mitigate risks and safeguard digital assets effectively.
But like Superman has kryptonite, even the best software has weaknesses, with misconfigurations leading the pack.
Consider this: Microsoft research indicates that a staggering 80% of ransomware attacks can be attributed to common configuration errors in software and devices.
Misconfigurations now hold an unenviable fifth place on the Open Worldwide Application Security Project (OWASP) Top 10, a crucial vulnerability reference for the cybersecurity community. OWASP found 208,000 occurrences of Common Weakness Enumeration (CWE) within 90% of applications tested for misconfiguration, highlighting the widespread nature of this vulnerability.
OWASP says, “Without a concerted, repeatable application security configuration process, systems are at a higher risk.”
With this evidence, it's no wonder that organizations are paying more attention to “misconfigurations.”
Picture This …
You're sitting down with your morning cuppa and stories of a data leak hit the headlines. The company affected is a leading insurance firm, and the personal information of thousands of customers has been made available on the Internet for months. With a little research, you learn that the firm left several customer records unprotected on one of its clouds, making it easy for anyone to access this information through a simple SQL command. While digging through the tabloids you stumble upon the cause of such a tremendously ironic turn of events. Turns out, it was a simple misconfiguration error: The system administrator left the cloud open to the public since they missed updating the privacy settings and permissions for the cloud storage in question.
We learn that human errors, despite stringent protocols, are difficult to control and, consequentially, remove. The growing complexity of distributed and component-based systems and common misunderstandings of system requirements and design will likely lead to more problems. While humans play a critical role in decision-making and monitoring systems, manual updates are not viable.
So, What Can You Do About It?
With all that is happening in cybersecurity, can you confidently say you have all your endpoints covered? And by all, I mean all, including the data on third-party systems. If your answer to this is yes, congratulations! You're doing better than most organizations in the world! But if your answer is no, I would like you to consider the following measures to improve the security of your systems:
- Employ automation that extends DevOps from application delivery to IT operations to DevSecOps. Automation is the remedy that will help organizations avoid manual errors. It will allow employees to use their precious time for more important tasks while confirming that initial and ongoing configurations are error-free. By automating audits on configurations, you can create a repeatable system hardening process that will likely save you a lot of time and money in the future. Automation will enable you to reduce human error, improve reliability, maintain consistency, and support collaboration across teams. It will also give all stakeholders visibility over the security posture of your IT estate.
- Use a policy-as-code approach to help frame your security and compliance policies or rules. Organizations can configure systems by encoding security rules in human-readable and machine-enforceable policies and continuously checking for and remediating drift. In fact, policy-as-code brings both configuration and compliance management into a single step. This removes the security silo and brings all stakeholders into a shared pipeline and framework, enabling collaboration among team members and allowing for security to be shifted left in the development process. The policy-as-code approach can help detect misconfigurations, improve efficiency and speed, and reduce the risk of production errors.
While there is a technical aspect to DevSecOps, there is also a human aspect that involves collaboration and planning. A multiprong approach that begins with collaboration across IT operations and security and compliance teams, while discussing the appropriate external and internal compliance requirements, is a critical starting point.
After understanding the configuration and policies, you can start with pre-packaged policies that align with standards such as the Center for Internet Security (CIS) Benchmarks and the Department of Defense Systems Agency-Security Technical Implementation Guides (DISA-STIG). Consider using an automated system to verify if your configurations are continuously accurate. This, in turn, will allow your team to manage complex and heterogeneous environments, including cloud-native public cloud services, Kubernetes configurations, and any on-premises or hybrid cloud workload.
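To make the automated audit and policy-as-code measures concrete, here is an added example (not from the original commentary or any vendor's product) that encodes three storage rules as data, audits a configuration snapshot, and reports drift from an approved baseline. The policy IDs, setting names, and sample resources are all constructed for illustration.

```python
# Added example: policy-as-code audit and drift check. All names and values are constructed.
from dataclasses import dataclass
from typing import Any, Callable

MISSING = "<missing>"  # sentinel so an absent setting is reported instead of skipped

@dataclass(frozen=True)
class Policy:
    policy_id: str                      # hypothetical ID, not a real CIS or STIG control number
    description: str
    key: str                            # setting the rule inspects
    compliant: Callable[[Any], bool]    # True when the observed value satisfies the rule

# Rules live as reviewable data in version control, next to the infrastructure code.
POLICIES = [
    Policy("STOR-001", "storage must not be publicly readable", "public_access", lambda v: v is False),
    Policy("STOR-002", "encryption at rest must be enabled", "encryption", lambda v: v in ("aes256", "kms")),
    Policy("STOR-003", "access logging must be enabled", "access_logging", lambda v: v is True),
]

def audit(name: str, settings: dict) -> list:
    """Return one finding per violated policy; a missing setting fails closed."""
    findings = []
    for p in POLICIES:
        observed = settings.get(p.key, MISSING)
        if observed == MISSING or not p.compliant(observed):
            findings.append({"resource": name, "policy": p.policy_id,
                             "rule": p.description, "observed": observed})
    return findings

def detect_drift(approved: dict, current: dict) -> dict:
    """Map each drifted key to (approved, current), covering changed, added and removed settings."""
    drift = {}
    for key in sorted(approved.keys() | current.keys()):
        before, after = approved.get(key, MISSING), current.get(key, MISSING)
        if before != after:
            drift[key] = (before, after)
    return drift

def pipeline_gate(inventory: dict) -> int:
    """Exit status for a CI job: 0 when every resource passes, 1 otherwise."""
    return 1 if any(audit(n, s) for n, s in inventory.items()) else 0

# Constructed sample data: the approved baseline and a snapshot taken after a manual change.
BASELINE = {"public_access": False, "encryption": "kms", "access_logging": True}
SNAPSHOT = {"customer-records": {"public_access": True, "encryption": "kms"},
            "build-artifacts": dict(BASELINE)}

if __name__ == "__main__":
    for name, settings in SNAPSHOT.items():
        print(name, audit(name, settings), detect_drift(BASELINE, settings))
    raise SystemExit(pipeline_gate(SNAPSHOT))
```

Run on a schedule as well as in the delivery pipeline, the same rule set catches both a bad change at review time and a setting altered by hand afterwards.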