Tuesday morning you roll out of bed, turn off your alarm, tiptoe down the stairs, retrieve your paper, flip the hallway lights on, feed the dog, and start making coffee—in five minutes. Performing this series of early-morning tasks is called chunking. Certain neurons in the brain “bookend” the habit for you, signaling the routine has started (the alarm) and ended (coffee). This chunking helps you perform habits each day almost unconsciously, giving your brain more time to learn and potentially create new habits.

Survey Says: Adapt

Have you formed any new habits recently to help your security program advance?  

A recent Ivanti remote work survey cited 66% of IT professionals experienced a rise in security issues this year since the workforce became mostly remote. In another study, more than half of IoT devices were found vulnerable to either medium- or severe-rated attacks. And earlier this year, a hacker published a list of credentials for more than 500,000 home routers, servers, and IoT devices. What is clear: threat actors have adapted to the recent climate and are pursuing your unsecured endpoints, old routers, and unencrypted VPNs. You must adapt as well.

Forming New Habits: Self-Secure

Intelligent organizations understand security should not be a reactive pursuit, but an adaptive, ever-changing function. You cannot predict every cybersecurity attack, but you can prepare. Enterprises should adapt to respond to threats they face as well as anticipate future ones. One way to prepare is to follow the CIS Critical Security Controls best practices. The top five controls are the most important:

  1. inventory and control your hardware assets
  2. inventory and control your software assets
  3. apply continuous vulnerability management practices
  4. control the use of administrative privileges
  5. implement and manage the security configurations of your devices 

The other smart thing to do is respond sooner. Most threat actors exploit vulnerabilities within a median of 22 days and most exploits have a seven-year shelf life according to a research study from RAND. The longer you take to patch, the more vulnerable you become. 

In order to adapt, take steps to also become self-secure. At Ivanti we help our customers adapt into a self-securing stance to better understand threats. We break down our self-securing offering into three parts: sensing, prioritization, and remediation.

  1. Sensing what’s in your environment includes discovering and detecting items such as software and devices. This stage analyzes vulnerabilities, and continuously monitors for change.
  2. Prioritization involves seeing what is actively being exploited and responding to risk in the right order. Algorithms using predictive methodologies help anticipate changes and give guidance on the best strategies to resolve challenges.
  3. Remediation determines what actions will fix the problem based on prioritized risk. Assessment of threats need to adapt to environments and circumstances. The more automated responses become, the easier it is to combat threat actors.

For more information on these steps, Ivanti’s patch management expert Chris Goettl reviews these steps in more detail

Applying Security Habits

Our self-secure adaptive design is part of Ivanti’s overall hyper-automation platform, Ivanti Neurons. Security plays a role throughout each component of this offering:

Here’s an example of security in action from one of our manufacturing customers of Ivanti Neurons for Healing. This customer had challenges receiving laptops back from former employees. In one case a former employee was 3,000 miles away. Typically, 30% of assets are “ghost” assets that are lost or unaccounted for. These types of “ghost assets” cause data and security risks. The Ivanti team helped our customer disable the accounts in question by locking laptops and rebooting the machines remotely. Within hours, our customer received notifications indicating laptops were shipping back to corporate. As a result, Ivanti improved the customer’s overall security posture. 

Conclusion

Cybersecurity threats will remain challenging as remote working extends and data from endpoints and edge devices grows. Ivanti can help you adapt your habits into a self-securing stance. For assistance, request your free Ivanti Neurons trial.