5. DEAL WITH
Vulnerabilities in operating system platforms like Linux
are constantly being exposed. A large and active hacking
community directs its efforts to exposing and often
exploiting flaws in operating systems and architectures. So
it is critical that all systems within a working architecture
are patched and updated according to manufacturers’
recommendations and industry best practice.
New patches or releases should be uploaded promptly, or as part
of a regular program that ensures this is done. Most entities will
control the installation of updates because manufacturers’
releases can expose new flaws and may cause issues that
have nothing to do with security. An inventory of all system
software and its currently running releases is needed, along with a
process to identify and record when new ones are added.
● Monitor threat and vulnerability reports specific to the
software inventory of the target system.
● Automated tools to manage and identify system
parameters are useful to reduce the overhead of dealing
with these issues. User community forums provide advice
on the relative stability of releases but need to be treated
with caution – not all advice you read is qualified.
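The inventory process described above can be automated in a few lines. The sketch below is an added example, not part of the original paper: it compares two inventory snapshots to record new or changed releases, then checks the current inventory against advisory records. The package versions and advisory identifiers are constructed placeholders, and the version ordering is a simplification.

```python
# Added example: inventory snapshots and advisory records below are constructed.
import re

def parse_inventory(text):
    """Parse 'name<TAB>version' lines (the shape `dpkg-query -W` prints)."""
    inv = {}
    for line in text.strip().splitlines():
        name, _, version = line.strip().partition("\t")
        if name and version:
            inv[name] = version
    return inv

def diff_inventory(old, new):
    """Return what was added, removed or changed between two snapshots."""
    return {
        "added": {n: new[n] for n in new.keys() - old.keys()},
        "removed": {n: old[n] for n in old.keys() - new.keys()},
        "changed": {n: (old[n], new[n])
                    for n in old.keys() & new.keys() if old[n] != new[n]},
    }

def version_key(version):
    """Simplified ordering: numeric fields only. Real distribution versions
    (epochs, revisions, suffixes) need the package manager's own comparison."""
    return tuple(int(p) for p in re.findall(r"\d+", version))

def affected(inventory, advisories):
    """List inventory entries older than the fixed release in an advisory."""
    hits = []
    for adv in advisories:
        installed = inventory.get(adv["package"])
        if installed and version_key(installed) < version_key(adv["fixed_in"]):
            hits.append((adv["id"], adv["package"], installed, adv["fixed_in"]))
    return sorted(hits)

LAST_WEEK = "openssl\t3.0.2\nsudo\t1.9.9\nbash\t5.1.16\n"
TODAY = "openssl\t3.0.2\nsudo\t1.9.13\nbash\t5.1.16\nnginx\t1.18.0\n"
ADVISORIES = [  # constructed placeholders, not real advisory identifiers
    {"id": "EXAMPLE-ADV-1", "package": "openssl", "fixed_in": "3.0.8"},
    {"id": "EXAMPLE-ADV-2", "package": "sudo", "fixed_in": "1.9.12"},
    {"id": "EXAMPLE-ADV-3", "package": "postfix", "fixed_in": "3.6.4"},
]

if __name__ == "__main__":
    old, new = parse_inventory(LAST_WEEK), parse_inventory(TODAY)
    print(diff_inventory(old, new))   # new and changed releases to record
    print(affected(new, ADVISORIES))  # advisories that apply to this system
```

Advisories for software that is not in the inventory are ignored, which keeps monitoring specific to the target system.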
6. COUNTER THE THREAT FROM “THE
External threats receive much attention, but some statistics
suggest that cyber-security may be even more threatened from
within, with incidents occurring while detection mechanisms are
busy with outside threats. Internal threats are a significant problem.
From the outset, it is important to say that while it is common to
characterize internal threats as malicious, an internal attack is at
least as likely to be accidental or opportunistic. You will have
many employees who can access your systems and network,
plus contractors, third-party support and service providers.
For example, you are likely to have cloud-based IT services
with administration platforms that are not visible to your
Identifying and mitigating internal threats involves seemingly
endless combinations and degrees of expertise, motivation
and access specific to each individual. Your organization will
need to work closely with an expert advisor, tailoring security
solutions based on risk.
Apart from technical solutions, four strategies deserve mention:
● Providing security access by role increases visibility of
● Separating duties and responsibilities reduces opportunity
for collusion, or false accusation which can prove costly.
● Logging and regular analysis of data can identify
irregularities such as repeated access to files, before an
attack. Organizations typically use data forensically, but
it has greater value when analyzed to identify potential
● Assigning personnel to search for and identify
vulnerabilities means attacks can be mitigated. Systems,
processes and people not acting “normally” should
trigger closer observation.