According to a Bitkom survey, 88 percent of companies were victims of cyber attacks in 2020/2021. Tobias Fischer, Advisory Sales Engineer at AppDynamics, explains the five steps companies can take to strengthen their security environment. […]
Most companies today rely on IT environments in which cloud and distributed services are combined with legacy technologies. This makes it difficult for IT teams to keep track of security and performance problems across all systems. They need transparency across the entire IT stack, as well as real-time data, to quickly identify and resolve critical problems. The better a company is prepared for an emergency, the better it can protect itself from malware, data breaches and intellectual property theft:
1. A detailed risk assessment. The first step is to determine the degree of vulnerability of all IT resources, the probability of an attack, and the possible impact on the enterprise. This process often turns up application data stored in previously unknown locations.
Without a detailed risk assessment, companies do not know what other security controls they need to implement. As part of this process, those responsible should also compare their security requirements with their business goals in order to become aware of the concrete consequences of a security breach for business results.
2. A plan for the emergency. After the evaluation is completed, companies should create a roadmap for their IT teams that specifies the measures to be taken in the event of a security breach, thereby significantly reducing the response time. Company-wide exercises that simulate cyber attacks are helpful so that each department can practice a coordinated response.
Why company-wide and not just for the security team? Because security breaches can affect anyone and pose real business risks. A careful assessment of the risks and their effects also allows companies to prioritize the resolution of problems so that the biggest threats are addressed first.
3. DevSecOps instead of silos. DevSecOps is a modern approach to software development in which security is made an integral part of the software architecture from the very beginning. For this purpose, security teams work together with the development and operations teams. If the teams work separately in silos, as is customary in many places, communication is often not effective in the event of threats, and responsibility is passed from the security team to the development team and back again, which delays the response.
If the employees instead work as one team and security is integrated into the core of the application, companies can act with much more agility and protect themselves better from risks. In order to fully exploit the advantages of DevSecOps, companies should also rely on full-stack observability to monitor the entire IT stack, from customer-oriented applications to the core network and infrastructure.
4. Automated threat detection. Automated security tools are also essential to further reduce incident response times. Systems tend to be too complex and distributed for IT teams to monitor continuously, while traditional monitoring solutions may not be able to detect threats before it’s too late.
Technologies that automate the threat detection process are critical for addressing security proactively. Runtime Application Self-Protection (RASP) integrates security into an application so that it can detect and remediate threats without human intervention.
5. Regular updates. A risk assessment is always just a snapshot. Because the security landscape is constantly changing, companies also have to constantly adapt their security measures.
With the right tools, IT teams can always keep an eye on the changes and adjustments needed to respond to new threats. In addition, they must regularly check their security measures so that criminals cannot exploit vulnerabilities in outdated technologies.
When companies follow these five steps, they make sure that security is an integral part of their IT infrastructure and not just an afterthought that could make them vulnerable to attacks.
*Bernhard Lauer is, among other things, a freelance editor at dotnetpro, where he manages the Basic Instinct section, for example. He has been programming privately with Visual Basic since version 1.0.