Catch22 CyberDefending: Why Defense Always Behind

why is the defense always behind?

Are there some things that we inherently do not like to do?If there is something that is denying us from doing what is necessary to create a good defense then we have to be mindful of these actions – let’s review some Catch22 items.

 

 

Let’s face it we all love functionality – but do not like to do the work to make sure everything keeps going.

 

for example:   We all want our systems to be up and running when we need them(24x7x365 uptime):

Some Systems (like email servers) have to be operational all the time.
Some file servers and network devices have to run 24 hours a day 7 days a week and 365 days in the year
But guess what?   Systems must be updated due to vulnerabilities:
Unfortunately systems have to be updated because of monthly patches
Patches are created to fix vulnerabilities in software which happen periodically.
What about the hundreds of systems that must be logged and tracked?
Every time a change occurs it must be logged and tracked
Users must have good password management
Sometimes passwords must be changed (employees leave)
But as you know changes happen quickly like going to the cloud? And changes have to be tracked.
Managing transitions takes time and effort but must be done –
Take time out to review inventory – what type of software is on systems?
Difficult to deal with change – but has to be done.
Don’t forget to test systems on a regular basis to ensure continual uptime:
Test systems to see if they are vulnerable to latest attacks
Testing systems is important even if possible problems arise. Most tests do not do anything, the possibility exists though!
Once tests are regularly done will lower your risks
Testing may cause downtime but must be done:
Some tests might cause downtime or slower responses for users but it must be done – knowing the environment will enable fixes which lowers risks.
And as you know we do not want to reboot our systems:
Who wants to reboot?
I have 20 windows open and do not want to take the time to reset everything.
Sometimes a reboot is necessary
Must Reboot to implement patches
To implement software upgrades and patch vulnerabilities the system has to be rebooted.
rebooting resets the environment and is important to be done periodically.
We have to help each other  see the reasons for rebooting – updating patches, testing systems, backing them up even when it takes time, effort and money!!!
Contact us to discuss

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.