Modern Building Blocks of a Strong Cybersecurity Practice

Aug 14, 2023 by John Parker

It has been less than two years since my colleague Terry Murray first articulated our perspective on how organizations can best protect themselves from the multitude of threats to their data and information systems. As relevant as the Baseline 5 remains today, it’s also noteworthy how much a little time, and a big pandemic, can change things.

Remember back in the day when SASE was considered cutting edge? It’s amazing, really, how far we’ve come, and how quickly, in large part due to the mass migration toward remote and hybrid work environments. By the time COVID hit there were, for sure, a number of smaller organizations that had fully embraced the cloud, and we saw how easily they adapted to the new work-from-home requirement. In contrast, other organizations, intent on maintaining “ownership” and control of their IT infrastructure, struggled to keep the doors open, metaphorically speaking, because they were not prepared to support a fully remote workforce. Chalk one up for the early adopters!

Although there are significant differences in the technology requirements of organizations that need to protect on-prem infrastructure and those that don’t, the most fundamental challenges of a successful cybersecurity initiative haven’t changed all that much:

  • Protect endpoint devices such as laptops, phones and servers.
  • Minimize risks associated with email and phishing.
  • Keep user accounts safe through enhanced authentication.
  • Centralize and analyze activity reporting for preventative and forensic purposes.

This list comprises what I consider to be four essential elements of a cybersecurity practice, whether the practice is an internally managed initiative or a contractual arrangement with a managed security service provider (MSSP) like Prescriptive Solutions. These are the table stakes, and yet there seems to be no end of organizations that want to prove they can be the exception.

So here we are—only a few years having passed since the days we routinely spoke of technologies like firewalls, antivirus, and VPNs—now having discussions about cybersecurity that may very well not involve any of these now-dated terms. We don’t talk so much about “antivirus” anymore, for example, instead using the term “endpoint protection”. Antivirus may be part of an endpoint protection solution, but only a part. Next-generation firewall (NGFW), SASE, and Zero Trust are further examples of technologies that address one or more of the four essential elements outlined above, but do so in ways that are more effective for the modern organization than what may have constituted a common approach, say, five years ago.

It’s not just that we’ve invented shiny new labels for these technologies; we’ve largely reinvented and redesigned them to meet the needs of an ever-growing threat landscape and to empower a workforce that can work from, well, virtually anywhere.

Some things will never change, the song goes. And while that’s just the way it is, it’s also true that some things change a lot, and change quickly. If you’re serious about improving your organization’s security, you won’t go wrong by focusing first on the four fundamental challenges I mentioned. But consider also how much the technologies addressing these challenges have changed, and whether now may be a good time to partner with an experienced MSSP like Prescriptive Solutions. Call us when you’re ready!
