IT Security
Anastasia Timmermans
IT Security
3 min

What to do to improve your IT Security?

3 min

How can you make it as difficult as possible for hackers?

Online risks and threats with major consequences for governments, companies and individuals are increasing rapidly. The Dutch Ministry of Economic Affairs and Climate Policy recently posted an extensive blog about the cybersecurity picture for Dutch entrepreneurs. The digital threat remains as great as ever, partly due to an imbalance in our resilience to it.

What causes this imbalance? What can you do to make it as difficult as possible for hackers?

In fact, hackers are almost always one step ahead of us. The first and important lesson in IT: Every IT network can be hacked…or hacked if you like. Most security innovations are actually a response to an attack that has already succeeded. Hackers come up with a new method, then IT security is adapted to that new method. So there is almost always a period in which hackers can do their thing until a solution is devised.

These so-called 'zero-day' attacks, exploits or viruses are the problems that fall through the security net. They contain previously unknown weaknesses or methods to attack an IT environment. Immediately after discovery, security specialists work feverishly to close the proverbial hole. That is why there are so frequent updates for virus scanners, firewalls and other security software. Speed is important here. (This also includes timely patching your network equipment!)

But these updates are mainly useful for organizations that have not yet been attacked. The unlucky host during a zero-day attack has already been successfully attacked. Loss of data, services and almost always damage to reputation are often the result.

 A seasoned IT person will say; heuristic security!
 Yes, I hear you say it. Definitely a good move, but unfortunately not perfect.

But wait, what is heuristic IT security?

It is the art of recognition. Looking at a good virus scanner, it contains heuristics. In a piece of data (an application, e-mail, file, etc.) it is checked whether characteristics can be discovered that correspond to known viruses.

Suppose a known virus is a song, then heuristics listen to see whether one of the verses of a new song is recognizable. If the virus scanner finds that it may be a suspicious tune, the file will be recognized as a virus. This method can also be used in network traffic analysis. Firewalls use this, among other things, to discover suspicious traffic.

 A good firewall (also with heuristics), virus scanners, Endpoint Detect and Response software (EDR), SIEM tooling and common sense, surely THAT is sufficient? Almost! Security remains partly a matter of guesswork and, if an attack is very ingenious, lagging behind the facts. You have to accept that you first have to choose from a whole range of security tools. Was it the right choice? That part is the guesswork. In addition, the IT environment must remain usable by... well... the users.

All resources must strike a balance between safety and usability. The most secure network has no users and no connections to the outside world. The best safe has no door. You have maximum safety, but it is not practical. So we look for that balance. That brings us the second lesson we can learn: We can never make security thát good that hacking the data is impossible.

Is there really so little possible to improve your IT Security?

A lot is possible and that is exactly where the challenge lies. There is not one solution to achieve a completely secure IT system. The solution is a combination of many factors, such as the right equipment, well-thought-out configuration, smart software, well-considered settings and the design of the IT network. These are just a few aspects that need to be considered. But before you can think your security through, you first need to know what you have. What does your IT network look like? Everything depends on how smart and carefully an IT network is set up.

In the coming weeks we will discuss various aspects of cyber security in this blog series. We are not going to cover everything here and perhaps not always in great depth. The point is to get the flow of thoughts going......

Follow the Procyon Networks LinkedIn page and keep an eye on our weekly posts.