While adjusting to life under a pandemic, we’ve become familiar with a host of medical and safety terminology that either didn’t exist before or was of little interest to anyone not in the medical or scientific community. Phrases like social distancing, contact tracing, and super-spreader have now become part of the common lexicon. They matter to us because we want to be safe and we want to keep our loved ones and friends safe, too.
But I’ve noticed something during this time of concern: a lot of the things we’re being asked to do in response to this disease have parallels to the advice we give to organizations for keeping their data and IT infrastructure safe. It’s not that surprising, really. We’ve become used to the idea that computers can be infected by “viruses” and familiar with the concept of good digital hygiene.
The more familiar we grow with the terminology and practice of health safety during the pandemic, the clearer those parallels become. As both medical experts and cybersecurity professionals work to inform the public of what precautions they should take to protect themselves from viruses and to stop their infections from spreading, the advice comes down to three steps: test and detect, containment, and immunization.
Test and detect
When protecting any at-risk community, it is important to know what you are looking for, what the symptoms and indicators of compromise are, and how to test for the presence of threats.
For increasingly complex networks, continuous monitoring and risk assessments are required. We need to understand every packet, bit, flow, application, and interaction on the network, as well as device and user interactions. That requires visibility not only into every device but every single ..