Proactive Configuration Management
The Key to Good Cybersecurity


In a mobile-first, cloud-first world, the attack surface has expanded past the traditional IT perimeter, and enterprises need to manage identities and secured configurations to harden devices, govern and manage Shadow IT, and make sure sensitive information is safeguarded.

Recent high-impact cybersecurity events indicate that one of the most common root causes is insecurely configured IT infrastructure. While industry continues to spend heavily on reactive measures and tools to guard against zero-day vulnerabilities, targeted attacks, and such, most attacks are enabled by weak controls and insufficiently comprehensive configuration management practices. IBM X-Force has reported a “historic 424% jump in breaches related to misconfigured cloud infrastructure, largely due to human error” (Source: IBM X-Force Threat Intelligence Index, April 4, 2018).

Many enterprises, however, are behind the curve in protecting against, as well as remediating and recovering from, rapid cyberattacks. This is mainly due to a poor understanding of how to assess their security posture against these types of attacks. Of the numerous recent incidents (Code Spaces, USCENTCOM, Dow Jones, and Accenture, among others), let’s look closely at the recent breach at Capital One. As a result of misconfigurations at the WAF and the metadata server on AWS, over 106 million credit applications were exposed. AWS has maintained that this was not their fault; the security configurations that the credit card company failed to design into their security profiles were known for at least two years (OWASP 2017). At Accenture, at least five AWS storage buckets were neither password-protected nor encrypted, yet contained highly sensitive keys whose loss could have impacted thousands of Accenture clients.

The real question is: how was this allowed to happen, particularly in technologically astute and process-sensitive companies? We know that the problem in this case study was a security configuration design failure. The problem at Accenture was a configuration management run-time failure; they failed to ensure that as-running = as-designed.


It is clear that numerous controls are available in IT infrastructures (especially in the cloud) to guard against such exposures. But using these controls comprehensively and continuously is critical. All elements are important.

Comprehensive configuration means that all available controls are applied to all assets, regardless of whether they are in any particular cloud, in on-premises IT, or virtualized infrastructures. Capital One failed to do this at the design stage. 

Continuous configuration management means going beyond quarterly audits. The smaller the time interval between configuration checks, the lower the cumulative cyber risk. Developers and operations teams routinely bypass controls to get their job done, but catching these changes and correcting them automatically is critical to risk reduction. Accenture failed to detect and then remediate misconfigurations during the transition from development to production.
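
The two requirements above, comprehensive coverage and continuous as-running = as-designed checks, can be sketched as a small drift checker. This is an added example, not code from the article or from any product it describes; the control names, asset types, and inventory are constructed for illustration and are not any cloud provider's API fields.

```python
import copy

# "As-designed" baseline: required value per control, per asset type.
# Control names are hypothetical, not any cloud provider's API fields.
BASELINE = {
    "storage_bucket": {"encryption_at_rest": True, "public_access": False},
    "vm_instance": {"metadata_requires_token": True, "waf_in_front": True},
}

# Constructed "as-running" snapshot spanning cloud and on-premises assets.
INVENTORY = [
    {"id": "bucket-dev-1", "type": "storage_bucket", "env": "cloud-a",
     "settings": {"encryption_at_rest": False, "public_access": True}},
    {"id": "bucket-prod-1", "type": "storage_bucket", "env": "cloud-b",
     "settings": {"encryption_at_rest": True, "public_access": False}},
    {"id": "web-1", "type": "vm_instance", "env": "cloud-a",
     "settings": {"waf_in_front": True}},  # metadata control never set
    {"id": "db-1", "type": "database", "env": "on-prem", "settings": {}},
]

def find_drift(baseline, inventory):
    """Return one finding per control where as-running != as-designed."""
    findings = []
    for asset in inventory:
        controls = baseline.get(asset["type"])
        if controls is None:
            # Comprehensiveness gap: this asset type has no designed controls.
            findings.append((asset["id"], "<no baseline>", None, None))
            continue
        for name, expected in controls.items():
            actual = asset["settings"].get(name)  # an unset control is drift
            if actual != expected:
                findings.append((asset["id"], name, expected, actual))
    return findings

def remediate(inventory, findings):
    """Return a corrected copy; a missing baseline needs a design fix instead."""
    fixed = copy.deepcopy(inventory)
    by_id = {asset["id"]: asset for asset in fixed}
    for asset_id, name, expected, _ in findings:
        if name != "<no baseline>":
            by_id[asset_id]["settings"][name] = expected
    return fixed

if __name__ == "__main__":
    drift = find_drift(BASELINE, INVENTORY)
    for finding in drift:
        print(finding)
    print(find_drift(BASELINE, remediate(INVENTORY, drift)))
```

Run on a short interval, the first function covers the run-time failure; the finding that survives remediation (an asset type with no baseline) is the design-stage gap, which no amount of automated correction can close.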

A subscription-based security configuration management solution simplifies and automates the process of consistently applying critical controls derived from international standards, regulations, and best practices, comprehensively to your hybrid IT infrastructures (across all public and private clouds, and on-premises elements), continuously over the entire infrastructure lifecycle.

In a cloud-first world, it is important to invest in a comprehensive configuration management solution that automates security and compliance whilst reducing cyber risk and remediation cost at the same time. Recent cybersecurity incidents indicate that one of the most common root causes is improperly configured IT infrastructure. While industry continues to spend heavily on reactive measures and tools to guard against zero-day vulnerabilities, targeted attacks, and such, most attacks are enabled by weak controls and insufficiently comprehensive configuration management practices.

  • Wednesday 11 September 2019


Author

Bala Sethunathan, Director, Security Practice & CISO
