Outer space is a huge, vast expanse of emptiness. There are endless numbers of asteroids and other debris zooming through the galaxy at blazing speed, and every once in a while one of them somehow manages to crash into our tiny little planet. If an asteroid of sufficient size collides with Earth, it can have devastating consequences–just ask the dinosaurs.
It turns out today is Near Miss Day, in honor of an almost-cataclysmic-impact event that happened in March of 1989. To “celebrate” Near Miss Day, I gathered some tips and insights from security experts about how you can avoid a “near miss” for your network and data security.
Happy Near Miss Day! In 1989 an asteroid roughly the size of a mountain came within 500,000 miles of colliding with Earth. Geophysicists estimate that the impact of that asteroid—had it actually collided with Earth—would have released energy equivalent to the explosion of a 600-megaton nuclear bomb. Astronomers didn’t discover the asteroid—or evidence of how close the near miss was—until nine days after the asteroid had passed.
Just as we did not know about the potential doom of the asteroid until after it was too late, many organizations are already compromised and simply haven’t discovered it yet. The average time it takes to detect a breach after attackers have infiltrated a network is somewhere in the 200-day range. That is an exceptionally long time to be oblivious to a threat that already exists inside your network.
In the movie Armageddon, there is a great line from Billy Bob Thornton’s character, who explains why NASA wasn’t able to detect a massive asteroid on a collision course with Earth. His character explains to the President that although NASA’s collision budget is $1 million, it only allows the organization to track 3 percent of the sky. He apologizes, saying “Begging your pardon sir, but it’s a big-ass sky.”
“Security is the same way—despite budgets that seem overly sufficient from the outside, things will occasionally slip through and cause damage…some of it catastrophic,” explains Michael Patterson, VP of Strategy for Rook Security. “This often has less to do with the proficiency of individuals working in security and more to do with the attack surface and attack volume most organizations have to deal with each day in relation to their budget. Much like exploring and accounting for every potential threat in the universe, it’s a daunting task. Some firms unfortunately experience the same fate as the dinosaurs and go extinct due to a direct hit.”
In honor of Near Miss Day, I have reached out to security experts to talk about the concept of a “near miss” as it relates to network and data security.
1. Don’t Miss Changing Default Passwords
There are a lot of moving parts involved in most IT projects. Unfortunately, during initial setup, many projects focus on getting the solution running rather than on following best practices for security. Those practices include hardening the solution, removing or disabling unnecessary accounts, and changing all default passwords.
Morey Haber, VP of Technology for BeyondTrust, says, “Everything from SNMP, default administrator, databases, to proprietary management tools may require password changes. These represent a simple near miss factor that any hacker could use to compromise a system with relative ease. In order to prevent this near miss, build into your project plans the security steps necessary to identify all default credentials, regardless of service or user, and plan changes at least twice during the deployment.”
Read the full story on Forbes: 6 Tips To Help You Avoid A ‘Near Miss’ In Security.