If you’re struggling to figure out how to respond to security challenges in today’s evolving threat landscape, start with your operating system, address endpoint security, and think like a hacker. Those were the main ideas of the closing keynote at the recent iTech Conference in Toronto. Unfortunately, most organizations haven’t yet taken these ideas to heart. A show of hands at the beginning of the talk revealed that many organizations still haven’t even made the transition from Windows 7 to Windows 10.
Unsurprisingly, speaker Tim Doel, Technical Specialist at Microsoft Canada, espoused the value of upgrading to the latest Windows OS, and although he may be biased, his keynote held valuable insights about how much the right OS matters for endpoint security and provided some perspective on how hackers think. Here are three takeaways from Doel’s speech every IT pro should know:
Expecting your business to keep up with all the threats to endpoint security without some automation isn’t realistic—a theme threaded throughout the day-long conference. Like other speakers, Doel provided some pointers on how to respond to security challenges within the time and budget constraints organizations of all sizes face. While security software still has its place, Doel emphasized it’s better to start by embedding security into both your hardware and your OS. If you keep your OS upgraded, a lot of the hard work of endpoint security will be automatically completed for you.
The importance of embedded security extends beyond just computers and operating systems. You should always choose hardware designed with security in mind—the more security features that come built in from the outset, the easier your life will be in the long run. Take printers, for example: There isn’t much in the way of security software you can install on a network-connected printer, and yet, they’re just like any other peripheral device connected to your network. By relying on printers with built-in security features, you can close that security gap and turn a potentially weak link into a strong one.
Doel acknowledged there are plenty of reasons to feel “super afraid” of what’s happening in the cybersecurity world, but you can transform some of that panic into strategy if you step back and ask, “Why is this all happening?” Doel believes flipping endpoint security on its head and putting yourself in the mindset of a hacker is essential: “They’re business people. They’re there to extract money. They’re there to make a big impact on an organization or country or whatever initiative they happen to be going after.”
Hackers’ first goal is getting a foot in the door of your network. Doel pointed out they most often start with identity, uncovering user IDs and passwords. They don’t want to launch a massive attack that ends up in the press; instead, they’re most interested in performing a subtle breach that will go unnoticed. From there, they can run each successive stage of their attack like it’s a business at internet scale.
“There are these large organizations that have built massive server farms all over the world that they can also use to ply their own trade,” said Doel. “When you go back and try to figure out where is all this stuff coming from, you can’t actually tell. They’re from anywhere and everywhere—all around the world.”
Not only are hackers working at internet scale, they’re also investing in automation. “If you want to hack into a system, there’s a cost,” said Doel. The bad guys have recognized they make more if they can keep their costs down, so they’ve invested in repeatable processes—a whole laundry list of tools they can choose from to run a complicated, federated attack using sophisticated global directives. If you want to combat these automation-powered hacks, you’re going to need some automation of your own.
Just as a good business is always looking to evolve, smart hackers are always looking for new ways to breach your business. Today, spear phishing is an increasingly popular method of getting user credentials, and spear phishing methods are getting incredibly creative. There’s also a movement toward in-memory hacks that inject malicious code right into memory locations to start writing PowerShell scripts. But no matter how the attackers are trying to get in, one fact remains true: Their success is often dictated by the quality of an organization’s hardware and how well it keeps its systems up to date.
That brings everything full circle, back to the need for a modern operating system. The new attacks used by today’s advanced hackers are designed to circumvent the security controls found in an older OS. Only by making sure your OS—as well as your hardware and any other software you use—is up to date can you avoid advanced attacks. Simply put, upgrades and patches for the sake of security need to be baked into how your IT team does things.
There are a few other ways you can make security a part of everything your team does. For example, if you build apps, either for internal employees or external customers, a DevOps culture could strengthen your app security. By paying closer attention to security during development, you can minimize risk while reducing the number of future patches needed. You can also build heightened security into your environment by taking steps toward strengthening your endpoints, such as modernizing your fleet of printing and imaging devices. Mobile devices and the Internet of Things also introduce new threat vectors, but applying the right best practices can contribute to a proactive endpoint security stance, rather than a reactive one.
Whether it means upgrading your OS, your printers, or something else, advanced threats mean you must have security embedded in your entire IT environment. Since the bad guys are thinking like a business, you need to think like a hacker—then, you can stay one step ahead of the enemy.