Sadik Al-Abdulla leads a team that spends its days assessing and cracking into systems to find weaknesses. Al-Abdulla is director of security solutions for CDW, and his team has conducted more than 5,000 network, malware and data loss prevention assessments.
Now, based on assessments done in the past two years, here are what Al-Abdulla calls the five "highest-risk, easiest things to fix":
The Fix: Document, remediate, automate, review and repeat.
The Fix: Educate users and test, test, test.
The Fix: Teach users what to avoid and to report attacks.
The Fix: Make sure systems don’t allow unintended access that would let an intruder crack one and then gain unguarded access to more critical systems.
The Fix: Ensure that there’s effective internal network segmentation; other than for IP communications and instant messaging protocols, user systems do not need to talk to one another.
In addition, Al-Abdulla noted five complex challenges organizations must confront and that require IT, security and management teams to work together to focus on the triad of policy, education and technology enforcement:
For Starters: Create a distinct infrastructure for mission-critical systems.
For Starters: Hunt for the malware, remove it, repair the infrastructure — repeat.
For Starters: Identify data traveling where it’s not supposed to, plug the leak — repeat.
For Starters: Assess the network, fix leaks, rewrite policies and enforce them.
For Starters: Educate users about data that is sacrosanct and should never be gathered, shared or stored in email systems.