We've all seen in the past year multiple cyber attacks that have hit key infrastructure (such as the colonial pipeline attack), or the Solarwinds vulnerability which affected multiple government agencies this past year, or the more recent Kaseya vulnerability which has hit a great deal of businesses and impacted many more MSPs which rely on RMM technologies such as both Solarwinds & Kaseya. But what it really reveals more than anything else, is that the standards for security that all levels of government are requiring are far from sufficient to handle the current threat landscape.
What does this mean for industries that have compliance requirements that are slow to update and difficult to maintain? Well, it means spending the barest amount of money to meet those compliance requirements and take a big risk if you aren't able to maintain proper security posture... or taking a larger gaze at what security means for your company. London Security has talked about Security Architecture in the past, and that's probably the first look a company should take. Considering options, looking at security as more than specific technologies and solutions and as an overall security posture to be maintained and connected to general IT practices within the entire company.
Aside from that, the question becomes where does the industry need you to go in order to maintain the security practices that will provide adequate security against today's threats? There's a few schools of thought here:
But... both models require additional interactions to be successful. At this point of the security threat landscape it is necessary to have some form of 24/7 coverage for when security events occur on weekends, holidays, or very early in the morning where you don't have engineers able to respond in real time.
London Security recommends giving us a call or emailing us regarding what model you are looking at, and how you implement it. We have security engineers to help set up your security architecture, or take over management for when you don't have the internal resources to fully handle it. Talk to us today in order to figure out the best approach for your security, and consider talking to us about an assessment of your security architecture to make sure it can handle today's threats.