The most effective IT security intelligence focuses on strategies that give your business security advantages over everyone else, making you a hard target for cyberattacks.
It really doesn’t matter where your business is located, what your business does, or who your business serves. If you are operating in 2018, you have assuredly heard some harrowing stories of local Philadelphia businesses falling victim to cyberattacks. One of the biggest reasons why businesses keep falling to cybercrime rings is that they lack the fundamental strategic security decision making that keeps a business safe.
The fundamental purpose of IT security intelligence is to provide your business with timely information to make important decisions about how to secure your business network (protecting your data, your team members and your clients from data breaches).
How can your business start making actionable decisions based on IT Security intel?
- Timely dissemination of IT security information—know how to evaluate and digest intel about cyberattacks and threats currently going on and vulnerabilities identified in software you use. Your IT Support should be able to digest information coming in from other high tech companies and government agencies and decide which information is necessary to act upon.
- Expert decision maker that can understand and turn security threats into actionable remediation steps—this is critically important. Most IT Support companies will either act on every little security warning or won’t take any action because they don’t see the potential risks to your business. A good IT Support company will make strategic decisions based on mounting security data to give your business a feasible strategy to address any security risk concerns.
- Evaluation of how a remediation path might impact your business functionality—another big failure of most IT departments and support teams is the failure to integrate security into a functional process that serves your business’ operations. Instead of taking an authoritarian approach to security, your IT Support should consider meeting with the heads of departments affected by a security change to discuss and plan a way to address a security risk that not only secures your business from attacks, but also allows users to maintain their productivity.
- Continual evaluation—the prioritization of remediation projects, highest risk to lowest, should allow your business to continually evaluate and fix the most urgent problems. By identifying your most urgent security risks, a good IT Support team understands how to best leverage your limited resources toward keeping your business most secure.
An example using this process? Let’s take patching as a case in point:
Let’s say Microsoft announces that it found a big vulnerability in its Windows operating system (which it has). And let’s say it gets around to releasing a patch to address the vulnerability (Note: patches from Microsoft are regularly released each month. See our recent post on when might be best to patch your business network for details).
You start your security intel and analysis by having someone on your IT team constantly aggregate information on threats to your business network. The problem with this step is that most IT support teams are too inundated with fighting fires to adequately monitor current threats, or even security patch releases, until businesses have started falling victim to cyberattacks exploiting the exact security vulnerabilities those patches were meant to fix.
With knowledge of new patch releases, your IT Support team first should evaluate all released patches (Microsoft and many other software vendors tend to release patches in batches):
- What does the patch affect?—sometimes even security patches may unexpectedly impact other parts of your business if your IT Support team doesn’t evaluate how a patch might affect your business operations. Some patches may cause conflicts with other software packages critical to getting work done. Does your IT team assess impacts before implementing changes? Does it test major changes before pushing those changes throughout your organization? If your IT Support team isn’t thinking before pulling the trigger on network changes, including the application of new security patches, they might cause major outages or downtime in the process.
- What is the patch fixing?—before applying all patches for the heck of it, your IT team should understand why they are applying the patches. Maybe a patch helps speed up processes critical to your business. Maybe a security vulnerability would leave your business dangerously susceptible to a cyberattack if the patch is not applied ASAP. As part of their evaluation, your IT team needs to understand why your business needs a fix in the first place.
- Prioritize patches if they are difficult to apply—before simply applying patches in the order Microsoft (or any software company) releases them, your team needs to think critically about which patches would be most beneficial to your business operations. Which would make you safer, and which would help your business run smoother? Most IT Support teams fail to recognize the importance of prioritizing when it comes to patching (or any project in your IT environment). Make sure your IT Support team understands how to prioritize their work to create the most impact for the rest of your business.
By having tools to assess a situation and make concerted decisions based on logically presented arguments and verified information, your IT Support team will ensure that your business is secure and running.
Having simple processes in place to evaluate IT projects and support events and prioritize work will help make your business safer. Just remember that your IT Support should be following basic principles of decision making to reinforce your business’ strategic use of technology:
Distinguish useful intelligence from information ‘noise’—not all information is created equal. If your team is given information that isn’t quite accurate or isn’t interpreted appropriately, they may make decisions that won’t help your business stay more secure or run better.
The good news for you is that the basic principles of making sound IT decisions can directly help you decipher which intelligence can actually steer your business security in the safest direction. Start with questions like “Why is this information relevant to our organization?”, “Does the information help us become more informed about how to keep our network and team members safe?”, or even “Could not acting on this information hurt our business?”
If you cannot answer these basic questions for your network security, you might want to consider a free network security road map meeting.
Measure the performance of your IT security intel—one of the biggest mistakes in information technology is that most folks focus solely on an action and don’t take the time to think about whether that action actually brought beneficial change to the business. And when they do evaluate measurements, most IT guys simply focus on quantitative metrics without even considering qualitative results.
While a specific metric such as the amount of malicious traffic blocked from your network is an interesting number to see on occasion, it doesn’t tell us the extent to which your IT security aligns with your holistic business security. Make sure your IT intel and implementation map directly to the decisions discussed by you and your stakeholders to ensure your security and IT Support in general are working toward your business strategy and goals.
How can you achieve better outcomes?—One of the biggest reasons why your business should consider having an IT Support team that maximizes its use of decision making is to stay focused on improving your users’ experience and their safety by making decision-directed improvements to your IT security practices and processes.
By continually improving how they support your users, your IT team should be focused on seeking additional context for security issues and understanding the implications of implementing specific changes. As your team continues to implement decision-based directives in the context of your business needs and user demands, they should be able to make timelier decisions, resulting in better business security solutions in the short and long term.
Is your IT Support using contextual information to implement best security strategies? Are you following a decision-based strategy to address security vulnerabilities? Consider a FREE network security roadmap to get your IT support to think more strategically about your business security.