This month was the “Cyber Security Month” and I had the idea to post a security tip on Twitter for the first day. Don’t ask me why. Then, I wrote a second one and decided to tweet something every day. We are now at the end of the day and I’m publishing a recap of all tweets…
- Cybersecurity should not be taken into account only during the Cyber Security Month…
- Wielding the Gartner #MagicQuadrant as a shield will not make you bullet-proof!
- To have a backup procedure in place is nice, but do you have a “restore” procedure?
- The efficiency of your #SIEM is not directly proportional to the number of indexed events!
- Restoring your last backup is not efficient when you have faced a data leak.
- Afraid of seeing well-trained people resign? What about those who don’t get training and stay on board?
- In meetings, do not always trust the person wearing a tie; the bearded man with a black t-shirt has for sure an interesting point of view!
- Choosing a #MSSP is not only subscribing to a bronze, silver or gold plan. Do they know your business and your crown jewels?
- A backdoor in your security device is not an OOB access solution.
- If you care about being port-scanned, you are focusing on the wrong threats!
- Today, many software updates are still delivered over HTTP. Do NOT upgrade while connected to wild networks like #BruCON^Wsecurity conference!
- Thinking that you aren’t a juicy target for bad guys is wrong. You could be (ab)used to reach their final target!
- The goal of a pentest scope is not to prevent known-vulnerable servers or apps from being tested!
- If your organization faced the same incident multiple times, you probably have to optimize your incident management process.
- Many security incidents occur due to the lack of proper solutions for users to work efficiently.
- You don’t include #IPv6 in your security controls because you don’t use it? Wrong, you DO already!
- ML, AI, Agile, … Nice buzzwords but stick to basic security controls first!
- How can you protect yourself if you don’t know your infrastructure?
- Don’t hide behind your ISO certification!
- The best security solution is the one that fulfills all your requirements (features, $$, knowledge, integration). Don’t take security $VENDORS’ promises as is, challenge them!
- No incident reported by your SOC for a while… Sounds good or bad? Improve your use cases constantly.
- Send your team members to infosec conferences; they will learn a lot and come back with plenty of ideas.
- Computers are no longer just a box with a screen, keyboard and mouse. Today most devices are connected computers with an OS, I/O, memory, storage and… vulnerabilities!
- Today, Infosec plays at layer 8. We have all the tools and controls, but most of the time we need to deal with political/business/legal aspects to deploy them.
- The Supply Chain does not stop once devices have been received. Decommissioning is also an important step to prevent information leaks.
- Most of your security tools have plenty of unused/hidden features, learn them to improve their efficiency! #RTFM
- Docker containers’ purpose is not vulnerabilities containment.
- Assigning less budget to security in the hope of detecting fewer incidents is a bad idea!
- Keep an eye on your Internet footprint. OSINT is used by attackers too.
- Don’t be afraid to look like the boring guy to your colleagues. One day, they’ll thank you!
- Take a deep breath and re-read all tips on this blog.