Do You Secure Your Lawn?

Sep 2, 2021 | Security

Do you secure your lawn? No, I don’t mean from the likes of “Dennis the Menace”, and hopefully you’ve never uttered the phrase “you darn kids get off my lawn!” But believe it or not, there are some similarities between caring for your lawn and cybersecurity. Maintaining a well-kempt lawn will help minimize weeds, bug infestations, and will overall increase the value of your home or property. And as we’ll discuss in today’s blog, maintaining a strong cybersecurity posture has a similar effect on your business.

Establish a Desired State

The first item in cybersecurity is usually to assess where you are and to compare this to where you want to be. This establishes your desired posture and starts to identify gaps between your current state and desired state. Compare this to looking out your front door and seeing a lush green and manicured landscape, or a unkempt weed-filled pasture. For the latter you will notice some obvious gaps and improvement opportunities, and so will your neighbors.

Identify Key Details

Next in cybersecurity, as we start to dig in, it’s important to identify the assets (physical and digital) and information/data we are working with, where they are stored, where they are moving (via data flow mappings), etc. There are lots of little variables that go into ensuring that we put together the right plan for security controls and ongoing improvements. Think of this like identifying your geography, soil type, sun and shade mixture, natural rainfall, and so on that will have an impact on the type of lawn you can support, and the type of landscaping needed to support it.

Apply Treatment & Controls

After establishing the desired state, comparing to the current posture, and identifying important details, we can then identify the gaps and put together a treatment plan. This is plan-of-action to get us to that desired state by undertaking various projects. For cybersecurity, this usually involves a timeline, budget, and various resources including technical solutions, administrative actions, etc. It happens with a combination of people, technology, and processes. In much the same way, as you start to build up a lawn, you may install new sod, treat with fertilizer or other chemicals to modify the pH of the soil, and water it plenty until it is well established and stable.

Ongoing Monitoring & Maintenance

As with anything in our cybersecurity world, once we’ve established a desired posture, we’ll need to keep a close eye on things by constantly monitoring and applying updates as conditions change. For example, weeds may pop up, critters may infest, or harsh weather may damage the beautiful landscape, creating new weekend projects. It is much the same in cybersecurity, as controls are found to be less effective against new attacks, or as new threats emerge, we constantly evaluate the effectiveness of our controls through risk assessment. When something is found to be lacking, it is addressed through a new set of projects or tools. Through this journey we get to enjoy the fruits of our labor: a healthy and beautiful lawn, or a thriving and secure business.

Have an untidy, weedy business? Reach out to the team at Axxys and let us help you build your build a program, identify your critical assets, apply controls to minimize risk and close the gaps, and provide ongoing cybersecurity leadership for the future!

Recent Posts

The Modern Digital Warzone

The Modern Digital Warzone

Cybersecurity often shares many comparisons to military and borrows many concepts and terminology from the forces. For example, the Lockheed Martin Cyber Kill Chain is borrowed from a military concept related to the structure of an attack consisting of target...

So, What’s the Big Deal About Ransomware?

So, What’s the Big Deal About Ransomware?

Thanks to the recent Colonial Pipeline and JBS cyberattacks (and their subsequent impacts), you’re probably encountering the term ransomware more than you used to and it’s not hard to see why – the number of successful ransomware attacks is rising dramatically. The...

A New Era in Cybersecurity – Assume Breach Mentality

A New Era in Cybersecurity – Assume Breach Mentality

As we kickoff a new year of 2021 and begin marching towards this year’s goals and objectives for success, I wanted to share thoughts and feedback around the ever-growing elephant in the room called cybersecurity. It has been a challenge for small businesses for many...