Spilling milk is like getting hacked. They are both a mess to clean up. And much like breaches, spilled milk leaves you with about three possible moves:
- Stop more milk from spilling
- Clean up the milk
- Find out why it spilled
I don’t know how many glasses of milk you have spilled lately, but news on the latest hacker attacks just keeps coming. In recent months, I have seen several organizations I feel close to or am a customer of get hacked. In case you have not noticed, these attacks just aren’t stopping. And this is all happening despite the continued effort, updated laws, and the latest-and-greatest protections the cyber world can dream up and create. Obviously, no one is thinking enough about putting that glass of milk somewhere where it’s a bit harder to knock over.
As the tech industry continues to mature and maybe indefinitely, we are sure to see continued security breaches. We have seen examples of that with machine identities. While the keys and certificates that make up machine identities were originally invented to ensure the privacy and integrity of communications, it didn’t take long for cyber criminals to figure out that they could misuse these machine identities to hide in encrypted traffic. Don’t fret too much about this though. It’s all a natural side effect of progress.
Rather than sit alert with a paper towel, is there anything we can do to prevent these attacks? Or is it hopeless? Here are things you should think about before the milk gets spilled in your network:
- Prepare by following best practices
- Respond quickly by having a recovery plan in place
- Educate the user population on ways they can contribute to security
Sadly, this isn’t a once and done kind of effort. Most of us are in a constant state of preparing since it is not just like flipping a switch. With that in mind, you can focus on targeting high-value systems and fixing them first. Regardless of where you start, you should have a plan in place and make sure the organization understands the plan and the risks.
Your preparedness plan should include things like:
- Fully deployed software solutions that don’t rely on easy-to-hack default settings
- Up-to-date software and organization policies
- Adherence to industry standards and best practices
- Disaster recovery and remediation plan ready to go
- ACTIVE USER EDUCATION – because at the end of the day, each user holds security kryptonite.
There’s no way to be completely safe, but if you have done all the above you’ll be in a better position to respond to a breach. Of course, there’s always a chance that you still may be breached. In that case, you will have done due diligence and that’s the best anyone knows how to do. By taking the right steps well in advance, if a breach happens, instead of crying, you can focus on picking yourself up, recovering and getting stronger.
Here’s the thing about spilled milk: each splash and splatter comes with a lesson, a lesson that will help you update and improve. You won’t gain anything by trying to hide from it or cry about it.