It’s been over 20 years since I was last in London, and, yesterday, as I walked along the Thames, I found myself taking in the many new buildings and the new skyline they create, noticing new transport infrastructure and new rail and underground lines, and stumbling across areas of London that have been revitalised and upgraded.
As someone who spent a significant amount of time working and living here in my past, walking around the city, navigating London’s transport system, and spending time here all felt incredibly familiar. For example, the visual nature of London, such as the design classic that is Harry Beck’s London Underground Tube map, contributes to creating the fundamental nature of London that remains the same.
It struck me that my view of there being a fundamental nature to London’s landscape is an appropriate analogy for the ever-changing cybersecurity landscape and the need to not lose track of the security fundamentals that should underpin security practices.
There are still cybersecurity attacks taking place that can be prevented by patching systems and keeping them up to date. Security teams have become increasingly focussed on ‘Detect and Respond’ as the ever-increasing list of acronyms can attest:
- Endpoint detection and response (EDR)
- Network detection and response (NDR)
- Extended detection and response (XDR)
- Managed detection and response (MDR)
- Managed extended detection and response (MXDR).
We have become increasingly focused on detecting and assuming breach, but it is vital that we don’t lose track of some of the fundamental security practices that can prevent exploitation of systems.
An ounce of prevention is worth a pound of cure.
Benjamin Franklin
Security teams and the IT teams that they work with need to work more closely together to ensure that systems are created securely from the outset. In many ways, as security has become a discipline of its own, IT teams have been able to become less security focussed: “It’s OK, the security team will deal with that”.
We seem to have shifted right where we should be shifting left!
Microsoft recently announced Premium capabilities in Microsoft Defender Vulnerability Management. The announcement states:
By shifting left and investing in strengthening your organization’s security posture, organizations can more quickly and efficiently identify and address vulnerabilities, reduce the risk of security breaches, and minimize impact of potential security incidents. Microsoft Defender Vulnerability Management simplifies your proactive protection so you can efficiently manage vulnerability and configuration risks in one place.
Microsoft Defender Vulnerability Management premium capabilities
The overall management of security within an organisation needs to become baked into processes created and endorsed at C-level to ensure the fundamentals such as timeous patching and maintenance of systems are frictionless.
I have seen so many organisations over the last few years that have known ‘blind-spots’ in systems that are ‘not-upgradable’ for one reason or another. They pile on more and more security controls to prevent breach, but are unwilling to take the necessary steps to prevent breach by focussing on the fundamentals.
The Defender Vulnerability Management add-on for Defender for Endpoint Plan 2 is a vital tool that will allow us to continuously discover and monitor assets, and replace periodic scans with continuous monitoring and alerts.
By detecting, tracking and mitigating risks automatically as part of a detect and respond strategy, we can help bridge the gap between security and IT teams and more easily maintain some of the fundamentals in our security processes.
References
- Microsoft Defender Vulnerability Management | Microsoft Security
- Microsoft Defender Vulnerability Management premium capabilities