This post originally appeared on the Rackspace Blog and I’ve posted it here for readers of this blog. Feel free to send over any comments you have!
Most IT professionals would agree that 2014 was a long year. Heartbleed, Shellshock, Sandworm and POODLE were just a subset of the vulnerabilities that caused many of us to stay up late and reach for more coffee. As these vulnerabilities became public, I found myself fielding questions from non-technical family members after they watched the CBS Evening News and wondered what was happening. Security is now part of the popular discussion.
Aaron Hackney and I delivered a presentation at Rackspace::Solve Atlanta called “The New Normal” where we armed the audience with security strategies that channel spending to the most effective security improvements. Our approach at Rackspace is simple and balanced: use common sense prevention strategies, invest heavily in detection, and be sure you’re ready to respond when (not if) disaster strikes. We try to help companies prioritize by focusing on a few key areas. Know when there’s a breach. Know what they touched. Know who’s responsible. Below, I’ve included five ways to put this approach into practice.