It’s a very interesting time in the security community. While things in the security space usually move at a very rapid pace, the happenings as of late have been downright frantic. Just recently we have witnessed the birth of MS08-067 and the resulting Conficker worm that’s infected millions of computers to create the largest botnet ever. We have seen customer data loss on an epic scale with the U.S. Department of Veterans Affairs, T.J. Maxx, and Heartland Payment Systems, along with numerous others. We have also seen high-profile security vendors’ websites being attacked and defaced. The efforts of blackhats and malicious hackers seem to be ramping up; so should your efforts on defending your network. Don’t wait for President Obama’s security initiative to trickle down, take the time to create your own security initiative:
- Get your users onboard with your security plan. Giving your employees a sound understanding of the principles of data security will go further than anything else.
- Create a security road map. Make some goals pertaining to the security posture of your organization and work towards them.
- Review your policies. Make sure all your security policies, your acceptable use policy, and your disaster recovery plans are current, well rounded, and are customized to your environment.
Above all, just make logical choices when it comes to security. Since you know your network better than anyone else, only you can make the best decisions when it comes to securing it. While others can make suggestions for improvement, its your call for how it all fits in to the big picture.