Defending Against Advanced Threats in an Evolving Threat Landscape

19
David MacKinnon

“There’s no silver bullet to developing your security stack, and an understanding that attacker tactics will continue to evolve over time is key in identifying your security roadmap,” says David MacKinnon, Chief Security Officer, N-able, in an exclusive interview with ITSecurityWire.


ITSW Bureau: What steps can organizations take to successfully tackle network complexities?

David MacKinnon: For organizations to tackle network complexities they need to complete an effective risk analysis. Through centralized device and policy management, which supports both on-premise and cloud environments, they can successfully and effectively take on today’s complex IT landscape. 

Organizations must also recognize and accept that their enterprise’s network—and really their data—extends far beyond the environment they manage. With the continued adoption of both SaaS applications and cloud workloads, organizations should spend time understanding where their data may be stored and, even more importantly, if they are comfortable with that vendor storing it.         

ITSW Bureau: With the growing and evolving threat landscape, how do you suggest organizations to protect against advanced threats with fully integrated layered solutions?

David MacKinnon: An organization that lacks a properly implemented, configured, and monitored security stack is running a significant risk being disrupted by a cyberattack. Understanding the threat landscape as it applies to your organization, and proactively developing solutions to protect your business, is critical. 

There’s no silver bullet to developing your security stack, and an understanding that attacker tactics will continue to evolve over time is key in identifying your security roadmap.  Some of the basics are always necessary, such as email protection, EDR, a strong identity platform, as well as monitoring these systems. You should also ensure that you have a plan in place, one that has been tried and tested, for when something goes wrong. Knowing what you’re going to do, who you’re going to call, and when/how you’re planning to recover is a critical piece of cyber preparedness.

Also Read: The Threat Landscape in 2022 – Cyber Criminals Targeting Cloud Infrastructure is on the Rise

ITSW Bureau: What steps should security professionals take to simplify complex policies? How does N-able’ N-central empower security professionals to achieve this?

David MacKinnon: Security should be a part of a company’s DNA and considered in everything it does. Security teams must be a partner of the rest of the business and collaborate across teams as security policies are being developed. As it has been said many times: “Don’t let perfect be the enemy of good.” Take an iterative approach in developing achievable metrics where both you and your partners succeed. 

Also, identify opportunities for automation to ease the implementation of those polices and understand that you are both working to make the company better. The recently launched N-able N-central helps teams to do just that. It supports organizations by streamlining the implementation of policies and allowing teams to; automate their work, enable them to expedite package and configure deployment across the organization.

ITSW Bureau: What steps do you suggest organizations should take to manage endpoint protection across the organization?

David MacKinnon: First and foremost, identify how you want to group machines across your organization and how you wish to protect them. Based upon their usage (server vs workstation), some machines may need custom configurations to ensure a seamless deployment with a focus on availability and performance. Further, if machines are largely outside of your environment, to support flexible working, your endpoint protection may require additional layers of protection.

Once you’ve identified your machine grouping, work to identify the tooling you wish to deploy and configure each of those solutions’ policies to levels that meet your organization’s level of risk tolerance. Finally, use an RMM system to deploy those solutions in an easy and measurable way.   

David MacKinnon is the Chief Security Officer at N-able. Prior to joining N-able, Dave was an IT security leader for AT&T/Warner Media, where he implemented an extensive security program managing complex incident response events. Dave MacKinnon has over 20 years of experience leading global security teams focused on cybersecurity, incident response, forensics, and threat intelligence across various industries.