The SolarWinds hack that impacted the U.S. Treasury, Department of Homeland Security and Commerce departments, as well as other government agencies and private companies, was a big wake-up call for the cybersecurity world.
There are many things that will be learned from the SolarWinds hack, but I would like to focus on two critical lessons that every enterprise should address:
The military has a classification system to determine how sensitive information is handled and accessed. One of the highest levels of classification is called Top Secret / Sensitive Compartmented Information (TS/SCI).
Access to TS/SCI material is permitted on a need-to-know basis for those with appropriate security clearance levels. Oftentimes, no single person has access to all of the information. Containerization is a proven, effective way of protecting sensitive information.
We’ve spoken with a number of enterprises that pay lip service to the need to set up out-of-band communication, but only a fraction have taken the steps to do so. Instead, they are consistently caught flat-footed when incidents occur and they tend to use unauthorized consumer tools in the scramble to establish communication – especially in today’s remote working environment. Setting up communication lines mid-breach is not only stressful, but the use of consumer tools may pose additional risk to the enterprise.
The SolarWinds fiasco should and will push CISOs and IT executives to approve and establish out-of-band communication systems in 2021.
With respect to integration, the pendulum has swung so far in the direction of fully intertwined software that breaches like the ones we are seeing today will become increasingly common.
Enterprises would be wise to learn from the military’s approach of compartmented information and strict, need-to-know access controls for information that matters most.
Enterprises and executives that adapt quickly and begin properly containerizing their information will enter 2021 prepared and protected. Those that don’t will be leaving themselves vulnerable to potentially catastrophic risks.
LockDown solves this problem. Reach out to us to get started.