Take a deep breath and relax. Sure, that sounds like a good way to de-stress, right, particularly during this ulcer-inducing time. Everyone join in…
Not so fast, there, security solutions providers.
OK, so we tease, but the sad reality is that security currently, formerly, and forever will remain an open-ended proposition, perpetually in need of vigilance, updating and modification as cyber threats continue to evolve and find new ways of infiltrating defenses. Thus, it falls upon dealers and the in-house or third-party provider solutions to ensure they are maintaining a sophisticated, up-to-date security component.
Sadly, there is no rest for dealing with the wicked. Just ask Keith Adams, vice president of IT for Les Olson Company of Salt Lake City, who stresses the need to resist human nature in believing a provider has done all that it can do.
“Constant review of solutions and advancements in the industry are essential,” he said. “We have to always take the position that there is no guarantee with any product or process. We must strive to identify the gaps in products and procedures as well as new avenues of exploit.”
While there is no true solution that covers all risks, Adams believes that vigilance in bringing best-in-class products and ensuring their proper implementation enables his dealership to remain open to new ideas and systems that will continue to mitigate those risks.
Constant Vigilance
There is a certain degree of skepticism that is beneficial to triggering a defensive mindset. Acknowledging the inevitability of threats and exploitations helps keep providers such as Elevity, a Gordon Flesch Company, on its toes. As long as bad guys keep winning somewhere and in some fashion, Paul Hager, director of solutions for the dealer, has a duty to perform.
“Threats are always evolving and the bad guys are winning,” he said. “This demands that best-in-class protection offerings be layered on top of one another so when one is subverted there are additional layers to prevent or alert on breaches. A data breach is unfortunately not a matter of if but when for most companies. Time to detection and response are key in stopping attacks.”
No Time for Complacency
Not to pat the cybersecurity defense community on the back, but threat detection has come a long way from where it was even just a few short years ago. Jeff Leder, director of managed IT security services for Impact Networking of Lake Forest, Illinois, notes that advanced persistent threat (APT) dwell times have decreased, an indication of the maturity of the cybersecurity industry in general. Naturally, quicker detection of an APT is only the beginning of the process, and Impact Networking enhances its game by employing a red team (attacker)/blue team (defensive) scout team of sorts to ferret out the latest methods employed by bad actors.
“As we continue to develop our capabilities for emulating attackers, we stay up to date on what are the various tactics and techniques they’re using to break into environments,” Leder said. “We then compare that against our control set, our solution set, to ensure that the SOC is able to ideally block, but at very least, detect that sort of activity within an environment, so that some form of response can occur.”
To augment its defense strategy, Impact Networking is also constantly revisiting its toolsets to ensure they are able to detect/block ongoing threats. The dealer has swapped out SIEM and end-point protection suites after finding more effective tools on the market.
“The cat and mouse game continues, but we continue to evolve along with the threats,” Leder added.
According to Scott Anderson, senior vice president of IT for Kelley Connect of Kent, Washington, whatever plan the solutions provider has in place should be a living and breathing component flexible to evolving. “Security is not a set it and forget it type of software tool—it’s an ongoing and evolving program,” he said. “I think the key is as an IT services provider engaged with a client, it’s something you’re talking about all the time in regular conversation. It has to be front of mind, just like the training has to be. That risk reduction program needs to be evolving every month, every quarter.”