The Least Sexy Advice You’ll Get Today

    NAGW Navigator: Volume 1 • Issue 3 • Spring 2018

    by A.J. Van Beest

    What if I told you just two things can solve most of your cybersecurity problems? (Cue “The Matrix” soundtrack.)

    Cybersecurity is a deep and complex problem, but at its core, it’s about two things: Reducing the number of ways you can be attacked, and recovering after an attack. The rest is just riffing on those themes.

    WARNING: None of this is new info. None of it is flashy. It is, however, solid gold. Do these things, and you’ll sleep better at night.  

    Step one: Patch All The Things

    Patch every digital device that you’re responsible for, as much as you are able. Patch the firmware, the operating system, and the applications and services. Oftentimes, this is as easy as “Apply Windows updates” or “sudo apt-get upgrade -y”.

    Do this for your web server. Do it for your CMS. Do it for your workstation, your phone, your smartbulbs… You get the picture.

    Applying these patches fixes outstanding security vulnerabilities and improves performance, and it’s the single best security return on your investment of time and energy.

    One caveat here: Sometimes you can’t patch things, for whatever reason (say, because a vendor for a mission-critical thing requires you to run Java 6.23 (I’m looking at you, State of Wisconsin)). That’s when you need a compensating control (a firewall, in-depth monitoring of a specific process, an application whitelist, etc.) in place. More about that another time.  

    Step two: Back Up All The Things

    When disaster strikes despite our best preventative efforts, we need to have an easy, reliable way to recover and resume operations. Enter backups.

    To that end, we need to have solid backups of all our mission-critical stuff. Is your website important to your organization? Back up that CMS and your data. And back up the whole server while you’re at it (a snapshot of a VM is ideal here). Do you need the contacts and other data on your phone to *be there* when you need them? Better back it up, too.

    With good backups (especially good *off-site* backups!), when the worst happens to your systems, it’s a matter of a couple hours to move your backups into place, restore your production environment, and get rolling again. Without solid backups, you may be down for days or weeks, depending on the complexity of your environment, your documentation, the availability of other critical team members, etc.

    Just two things

    That’s it: Just patch and back up. Do those, and you’re eighty percent of the way to cybersecurity nirvana. Okay, maybe not *nirvana*, but you’ll definitely have a better chance of avoiding those late-night “everything is on fire” phone calls.