Don’t Panic Over Cybersecurity News

All right. Welcome back to another little news blurb. Today, we’re going to be talking about all the little things that make us panic in IT over the years. It’s always something. A few weeks ago, or maybe months ago, it was Log4j, it was this vulnerability with a logging thing, for basically Linux, Apache, MySQL, PHP, all that jazz. And today, well, you go back a little farther, there was another one, it was PrintNightmare, everyone’s going to lose all their networks over this PrintNightmare. And the latest one is the Russians are going to get us. So we just got this, I’m going to share my screen here. So we’re a member of CompTIA. It’s a great organization, if you’re an IT professional, you should be a member of their organization. And they sent this in the mail and it’s great. I mean, I’m not dogging on them, but at the end of the day, all this stuff about things going on and attacks, the protections are there. You need to have protections in your environment.

And when these things happen, it’s not panic time. And a lot of organizations, like companies like ours, will sell on fear. You should be reacting to this stuff in a way that’s over the top, and buy all my products. There are good security things that you need to put in place. You need to have some basic stuff. You need antivirus, you need an endpoint detection response. They’re just things that you should have in place. If you have those things in place, when these things come around, you don’t sweat them too much. But again, it’s panic time again. Russia and Ukraine are heating up, and Russia is state sponsored. I mean, this is the headline, Severity high – TLP Green – Russian State-Sponsored Cyber Actors Target Cleared Defense Contractors Networks to Obtain Sensitive Information. They never stopped doing that. This is not new. It’s ongoing, it’s never going to end.

We’re never going to stop trying to get that information from them. This is not going to ever go away. So as far as your organization and your security, yes, you should be secure. Yes, you should have all the tools in place to protect your environment. Should you let the news constantly keep you on edge about your infrastructure? No. If you’ve got your own team in house, and they’re watching the news, and they’re seeing what’s going on, and you’re spending the right amount of money on your security. And when I say the right amount of money, one of the things of having been in this industry as long as I have, is you learn real quick that there’s a right amount to spend on technology. And if you’re not spending that amount, you’re probably not getting enough security. There’s no secret sauce to security. There’s good products, there’s some not so great products, there’s overlapping products, where you can buy two things that do the same or do something different, but then there’s still overlaps between them.

And that’s just where you need to have your IT team or your third party that understands those technologies, and puts the right things in place, and doesn’t just buy things at random and start slapping things together. It needs to be a methodical approach. If you’ve done that, as you get these news articles coming out, like this one, then you just look at them and you’re like, “Okay, we’re being attacked. There’s nothing new to do. I’m aware that could happen, but I can’t put any more security measures in place. And there’s no directive on how to protect against this that’s different than what I’m already doing.” So the whole point in this, you’re going to get these things, your IT departments are going to get them.If you’ve already got the right stuff in place, you just keep doing business as usual, keep protecting your employees, your company, and in our case, our clients, from active threats, watch for these things coming out. But it’s not something to go and freak out that the whole world’s going to come to an end because the Russians are going to get us.

So anyway, that’s all I’ve got for today. All that cybersecurity news that comes out and makes big headlines, gets everyone amped up, disregard it. Put good security in place and just keep doing what you keep doing and go on with your life. So hope that helps you guys out, and have a great rest of your day.