Do You Secure Your Lawn?

Sep 2, 2021 | Security

Do you secure your lawn? No, I don’t mean from the likes of “Dennis the Menace”, and hopefully you’ve never uttered the phrase “you darn kids get off my lawn!” But believe it or not, there are some similarities between caring for your lawn and cybersecurity. Maintaining a well-kempt lawn will help minimize weeds, bug infestations, and will overall increase the value of your home or property. And as we’ll discuss in today’s blog, maintaining a strong cybersecurity posture has a similar effect on your business.

Establish a Desired State

The first item in cybersecurity is usually to assess where you are and to compare this to where you want to be. This establishes your desired posture and starts to identify gaps between your current state and desired state. Compare this to looking out your front door and seeing a lush green and manicured landscape, or a unkempt weed-filled pasture. For the latter you will notice some obvious gaps and improvement opportunities, and so will your neighbors.

Identify Key Details

Next in cybersecurity, as we start to dig in, it’s important to identify the assets (physical and digital) and information/data we are working with, where they are stored, where they are moving (via data flow mappings), etc. There are lots of little variables that go into ensuring that we put together the right plan for security controls and ongoing improvements. Think of this like identifying your geography, soil type, sun and shade mixture, natural rainfall, and so on that will have an impact on the type of lawn you can support, and the type of landscaping needed to support it.

Apply Treatment & Controls

After establishing the desired state, comparing to the current posture, and identifying important details, we can then identify the gaps and put together a treatment plan. This is plan-of-action to get us to that desired state by undertaking various projects. For cybersecurity, this usually involves a timeline, budget, and various resources including technical solutions, administrative actions, etc. It happens with a combination of people, technology, and processes. In much the same way, as you start to build up a lawn, you may install new sod, treat with fertilizer or other chemicals to modify the pH of the soil, and water it plenty until it is well established and stable.

Ongoing Monitoring & Maintenance

As with anything in our cybersecurity world, once we’ve established a desired posture, we’ll need to keep a close eye on things by constantly monitoring and applying updates as conditions change. For example, weeds may pop up, critters may infest, or harsh weather may damage the beautiful landscape, creating new weekend projects. It is much the same in cybersecurity, as controls are found to be less effective against new attacks, or as new threats emerge, we constantly evaluate the effectiveness of our controls through risk assessment. When something is found to be lacking, it is addressed through a new set of projects or tools. Through this journey we get to enjoy the fruits of our labor: a healthy and beautiful lawn, or a thriving and secure business.


Have an untidy, weedy business? Reach out to the team at Axxys and let us help you build your build a program, identify your critical assets, apply controls to minimize risk and close the gaps, and provide ongoing cybersecurity leadership for the future!

Recent Posts

Co-managed IT Services Use Cases

Co-managed IT Services Use Cases

As businesses become increasingly reliant on technology, many are turning to co-managed IT services as a way to maximize their efficiency and get the most out of their tech investments. Co-managed IT is an arrangement in which a company utilizes both an internal IT...

How an MSP Can Support a Remote Team

How an MSP Can Support a Remote Team

The migration to remote work in recent years has highlighted the need for organizations to have a reliable managed service provider (MSP) that can provide comprehensive support. Here are some of the ways an MSP can help your remote team:   Security Security is...

Co-Managed IT Services for Law Firms

Co-Managed IT Services for Law Firms

Co-managed IT service is a type of IT service delivery model where the responsibilities for managing, monitoring, and supporting an organization’s IT infrastructure are shared between the internal IT staff of the company and an external managed service provider (MSP)....

Use Cases for Co-Managed IT Services

Use Cases for Co-Managed IT Services

Meeting the IT needs of a business using internal resources can be difficult and expensive. Meanwhile, outsourcing IT services may prompt questions about control and security. One of the ways the market has evolved is through Co-Managed IT Services, which provide a...

The Tempo of Cybersecurity

The Tempo of Cybersecurity

You are probably thinking to yourself, “oh great, another cybersecurity article”. I feel the same way sometimes, that I’ve become numb to the statistics, and I just want to go back to a time when we didn’t have to consider unscrupulous threat actors trying to take...