UNCONTROLLED CHANGE IS THE ANTITHESIS OF SECURITY

EASY TO UNDERSTAND, HARD TO IMPLEMENT

Effective SMB Change Management is a rare beast. Most client organizations don't demand change management procedures until after a series of troubling failures has soured a relationship. Many Managed Service Providers (MSPs) don't introduce the topic early in the life of an organization because it increases management costs. MSPs rarely monitor system changes to ensure that undocumented changes aren't being made by well-meaning consultants. While loose change management policies increase management efficiency in the short term, they create long-term problems that are best avoided.

POOR CHANGE MANAGEMENT DOCTRINE INEVITABLY LEADS TOWARDS UNDOCUMENTED OR ILL-DOCUMENTED DESIGNS.

From a security perspective, loose change management policies create situations where originally secure and well-documented designs are slowly eroded into grotesque shapes of random and varied security protections. The attack surface of such systems is very hard to define because protection and stability vary from system to system. With this much variation, something is likely to slip between the cracks and create a security compromise, and it is also likely to go unnoticed until after damage has occurred.

Bringing systems like this back from the brink is something that we have had ample experience doing. Correcting problems that were created through improper change management procedures and officially documenting required design exceptions is the type of valuable work that is covered wholly under our Flat-Rate Managed Services plans.
