A Time to Reflect: Taking Stock during National Cybersecurity Awareness Month in 2020

To say this year has been unusual is an understatement. Uncertainty and change have been the norm, and IT and security teams have had to adapt. During times of great change, those with established processes are often better equipped to weather the storm.

As October is National Cybersecurity Awareness Month (NCSAM), we’re revisiting the broad strokes of a framework you can use to help secure your customers. Today, we want to kick off the month by giving a preview of each step in the process. Over the next four weeks, we’ll cover each in more depth, with specific technologies and tactics.

Here’s what we plan to cover:

1. Prepare and prevent

Before you help your customers, you’ll need to lay the foundations of a solid security program. The groundwork you lay here—from setting up physical security in a building to choosing the right security layers to deploy—pays dividends by making nearly every other step in the process easier. Plus, a good portion of threats can be prevented before they even take hold.

This year, the IT industry was thrown for a loop by the pandemic, forcing many providers to transition their customers to remote work overnight. Subsequently, IT providers had less control and visibility over the networks to which their customers connected. Perimeter-based security had already proven obsolete; this rapid shift to remote working has further hastened its demise. In next week’s post, we’ll talk about some of the prep work and preventive steps you need when supporting a remote workforce—so make sure to check it out in case there’s anything you may not have considered. Plus, we’ll talk a little about the implications of employees returning to their offices and what that could mean for corporate networks.

2. Detect

Next, we’ll talk about what technology you need to detect threats out there today. Many of the older detection technologies still work, but in many cases customers will need updated tools. In particular, IT providers should lean heavily on more adaptive, active technology. During times of uncertainty, cybercriminals often find ways to take advantage—whether it’s via news-related phishing schemes or exploiting new vulnerabilities introduced in the upheaval. That’s why it’s so important to have AI and collective intelligence as arrows in your cybersecurity quiver. We’ll talk about solutions that best meet these moments, and why endpoint detection and response solutions are particularly purpose-built for these times.

3. Respond and recover

Despite your best laid defenses, some threats will still slip by. Having a strong plan for responding to and recovering from incidents is absolutely essential for helping keep customers safe. We’ll talk about backup and recovery technologies, of course, but we’ll also talk a bit about developing an incident response process, which is particularly important in the era of increased data privacy and reporting regulations like GDPR and CCPA. While no one ever wants a security incident to occur, how you handle this step can often make or break your customer relationships by either demonstrating your professionalism or sending them to the competition.

4. Analyze

Finally, we’ll talk about the ongoing analysis IT providers should take to continuously improve their customers’ security postures. This involves monitoring daily reports, but it also involves performing the right types of analyses both after incidents and on a periodic basis. We’ll also talk about some more advanced technology you can consider implementing to further fine-tune your security analysis capabilities (and improve protection overall). Being able to analyze incidents lets you stay ahead of the curve when protecting your customers—and as threats continue proliferating and cybercriminals continue innovating, consistent analysis helps you both improve security for individual customers and spot trends you can use to further help others in your customer rolodex. Plus, this step plays a role in marketing—you should look at your analysis as an opportunity to demonstrate value and perhaps even persuade customers to further increase their defenses. We’ll cover a lot of this in the final week’s blog post.

A time for reflection

For this month, we’ll discuss how IT providers can meet the current moment and beyond. The steps outlined here apply no matter the current cyberthreat environment—you’ll always need to think in terms of preparation and prevention, detection, recovery, and analysis. But the elements that make up each step need to adapt. Over the next four weeks, we’ll cover each step. So stay tuned for our upcoming posts this month, where we’ll get more into the nitty-gritty nuts and bolts of each step.

Keeping your customers secure shouldn’t be a chaotic endeavor. That’s why SolarWinds^® RMM integrates multiple security tools into a single web-based dashboard. With it, you can offer security to your customers from the same system you use to monitor and manage their IT infrastructure. Learn more about RMM today.