Are You Lost in the World of Cybersecurity Acronyms? Let's Decode and Secure Your Business!
I'm Max Clark. These are the 6 cybersecurity acronyms that you need to know and make sure that you're using to secure your business. Okay. Number 1, IAM, identity and access management. IAM has a lot of subcategories in it.
Speaker 1:The key thing here is that you have a centralized identity and control of user identities and access to your IT resources. Do you have a system in place that allows you to create accounts, disable accounts, deactivate accounts, delete accounts, and is that system then used by all of the other IT systems that you have in place? That way when you make changes to a user account in one place, it can cascade or be referenced by everything else. IAM is a fantastic easy way for you to control your identity, your user access, connection to your IT systems and is an absolute foundational must. Okay, second acronym: SSO, single sign-on.
Speaker 1:Single sign-on is also part of IAM, and with single sign-on, these are systems like, I mean, you can use Azure Directory, you can use Okta, you could use Ping Identity. There's different SSO providers, and the key here again is that your employee has a single resource that they can authenticate and sign in with that then gives them the ability to credential and sign into other platforms. So now instead of having to remember dozens or hundreds of different logins, all I have to remember is my credentials to log into this SSO platform and then that SSO platform can enable me to log into other things. Okay, third one: MFA, multi-factor authentication, subset of IAM. Notice a trend here. We're talking about identities, securing your identities, protecting your identities, making credentials easy. Right?
Speaker 1:So foundational stuff. Multifactor authentication. In the good old days, multifactor authentication, we had these, SecurID from RSA. These little tokens we carry on our keychains and it had 6 numbers on it. It would rotate every 30 seconds and we have to type those numbers in.
Speaker 1:Today when we talk about implementing MFA, it is done typically one of the few ways. I'm gonna tell you the bad ways. I'm gonna tell you the good ways. We're gonna give you a little cheat sheet here. Bad ways.
Speaker 1:Absolute worst way. Code being emailed or sign-in link being emailed to the account. So you go to log in to a site and it says we're gonna send you a sign-in link or we're gonna send you a sign-in code to your email. That is horrible, horrible, horrible. Second one, a little bit better but still bad: SMS. You receive a code in your text message that says enter this code into the system in order to authenticate. SMS systems are incredibly vulnerable. Easy to compromise. Easy to take over and gain access to accounts.
Speaker 1:So any MFA system that's relying on either email or SMS, better than nothing, but you should just assume it's hot garbage. From there we go to the authenticator-style applications. And so this implements the RSA, what looked like the RSA security functionality in software. So now you get inside your application, you get a rotating set of 6 numbers. It changes every 30 seconds to then authenticate.
Speaker 1:The authenticator systems are fantastic. They integrate with your SSO system or your password management system so you don't have to have a standalone platform. By the way, you could run Google Authenticator for free. You can run the Microsoft solution for free. There's free authenticators in the market.
Speaker 1:You can just get them and use them. So there's no excuse for you not to have it. From there you go to app-based, push-based authentication. Duo has a very common platform for this, one that Cisco purchased, and systems like Microsoft and, again, Google are implementing this natively within their applications, where when you go to sign in and authenticate, another trusted device that already exists gets a push notification, says, hey.
Speaker 1:Are you trying to actually do this? Yes or no. And you click yes, then maybe it prompts you for another piece of information. Like, what numbers do you see on the screen in the Google case? And your highest level MFA is having a hardware device you have to plug in.
Speaker 1:Google Titan keys, YubiKey is extremely common and cost-effective to do this. And what's great about these platforms is unlike a human, it can't be tricked. So it has to match the website exactly perfectly in order for it to work. So anyway, so, top to finish on MFA. But the keys here so far to rehash, we've got IAM, we've got single sign-on, SSO, and we've got MFA.
Speaker 1:Okay. From here, where do you go? We go number 4. Number 4 is EDR, endpoint detection response. I hate the marketing term next generation antivirus or advanced antivirus.
Speaker 1:It is not. It is not antivirus. Antivirus is looking for attack signatures inside of a database to say this software is doing something weird. If you're running antivirus, you can just delete it. I mean, it's gonna protect you from something that's been running for a long time out there in the world, but it's not gonna give you any real value protection to your environment, your devices when you need it.
Speaker 1:So you want to run an EDR. Now EDRs become foundational for other things within cybersecurity. You don't have to worry about those other things. We're not gonna talk about it right now. What you wanna understand is that your number 4 thing that you wanna deploy is a good EDR platform.
Speaker 1:Okay. Next from EDR, we go to 5. 5 is SAT, security awareness training. Listen, we can make fun of SAT. I do it all the time.
Speaker 1:Or SAT. We can make fun of SAT. There's horrible stories of people doing SAT in terrible ways and doing horrible things to their employees, and I don't agree with that stuff. But if you can provide education to a user that at a, just makes them pause before they take action and just think about what's going on, you've won. Right?
Speaker 1:That is a success case for SAT. SAT's also going to be required with most cybersecurity policies in terms of managing and helping reduce your risk. So you're going to want to have a security awareness training program in place, which takes us to our last. Number 6 is secure email gateway. Secure email gateways will do a couple of things for you.
Speaker 1:The first one that people commonly think about is, we refer to as north-south traffic. Right? So stuff on the Internet into your email platform. But, Max, I'm running Google or Microsoft Office 365, and I'm protected. Yes.
Speaker 1:You're better off than running nothing, but the detection that you get with Microsoft 365 or with Google Workspace versus what an actual secure email gateway platform will do for you is night and day. It is incredible. Now first thing is that protection of that north-south traffic. Okay? Or coming into your environment.
Speaker 1:Right? And so these get implemented by an MX redirect. So the MX record comes into the secure email gateway system. The other thing that these platforms are doing that are phenomenal for you is the lateral movement. Right?
Speaker 1:So they can connect into these platforms via APIs and journaling and they can see emails flowing between accounts inside of your environment. This is critical for a couple of things. Right? It's critical for account takeover and impersonation because a really common attack vector into an environment for, whether it, well, we'll use, what's a good example? Oh, wire transfers.
Speaker 1:Right? Like, oh, we've convinced the accounting team to wire $40,000,000 because the CFO has emailed them that you're acquiring some company. It's really secret and you gotta get this money out right this second. Right? That's a true story.
Speaker 1:It happened. So in this case, an attacker gains access to an account and then will profile that account and will learn how your operations work and they'll sit there and then they'll run it through some AI tool and come up with a script and then we fire off this attack and next you know the wire transfer has gone out. Right? So secure email gateways will help you prevent that impersonation and that lateral exploit inside of your environment. Now the other thing that's cool about most secure email gateway systems in the market is they will bundle their own SAT tool, so you can go out and you can buy this as a combination so you don't have to go out and license SAT and email gateway separately.
Speaker 1:You can just go out and you can license an email gateway tool and it'll include SAT modules and training, all these different things, and then the secure email gateway can participate in the actual SAT program. There are a lot more acronyms in the span of cybersecurity. It is an absolute complete word soup. It makes my friends in the military look like they don't have acronyms because we've, cybersecurity has decided to really up their game and dominate the acronym nonsense. But quick rehash: IAM, single sign-on SSO, MFA, EDR, SAT, SEG.
Speaker 1:Now why am I saying those big ones, right? Because those first three will give you the most value in terms of bang for the buck, what you're gonna get out of them, what they cost you to implement, the improvement to your cyber security posture, the ease of use and happiness by your employees, the ability for your HR team to provision, deprovision accounts when people are coming and going. All these things are great for you. And then from there, everything just gets better and gets a little bit more layered on it as well. I'm Max Clark.
Speaker 1:Let me know if you have any questions or if I completely got the feeling.