It’s summertime, and everyone’s on vacation. What could possibly go wrong?
For the security team, the answer is “plenty.” Summer brings a set of new challenges to security organizations, including employees taking more time off, often with their corporate laptops. Our own security personnel are taking vacation time, too, which makes staffing the security operations center (SOC) more challenging. More laptops in less secure locations plus fewer security staff on hand can add up to greater risk.
Thus, with summer fully upon us, we in the security profession need to make sure the change in season doesn’t create additional vulnerabilities.
With employees traveling, it’s important to address your security posture. Are your assets patched, encrypted and up to date with the latest protection updates that your security posture calls for? If not, can you make this a priority before those assets start traveling to unknown locations in employees’ luggage and carry-on bags?
Within the security organization specifically, have you planned for personnel shortages and coverage while employees take vacation? Do you have contact information for all critical members of the organization and their backups in case a significant incident is discovered? The threat actors in today’s environment recognize that organizations may not be as diligent about monitoring alerts over the summer, and they’ll take advantage of the potential opportunity for increased dwell time. Now is the time to plan and prepare; you may even want to conduct an incident response drill.
In addition to evaluating your organization’s overall security posture and your team’s readiness to handle staffing challenges, the summer gives individuals on your security team the chance to expand their roles and responsibilities. Are there projects that need additional resources? Processes that need to be improved or standardized? The summer is a fantastic time to do an overall evaluation and put in place new challenges and opportunities for security staff members to undertake in the second half of the year.
As you evaluate your security program, think about everything you can do to make progress toward your annual goals. How are you expanding the security visibility in your organization? Do you have access to the data sources you need to confidently detect and respond to threats in your organization? Do you have processes in place to efficiently handle incidents? How have these things changed over the course of the year so far? With half the year already behind you, it’s important to step back and evaluate the overall security posture.
Many of us think of the end-of-year holiday period as a time to address increased risk as well as a time to plan for the future. Summer offers us a similar opportunity. Use this time of year to evaluate the projects, people, technology and processes you’re currently engaged in and to improve your security situation both immediately and in the long term.