A poultry processing plant is a noisy place full of people, machinery and, of course, chickens. It’s probably not the first place that comes to mind when one thinks of a modern digital enterprise, but the industry relies heavily on technology to facilitate supply chain operations, automate customer interactions and communicate between facilities.

I recently worked with a company in this industry that suffered a serious security breach when ransomware infected one of its systems and then spread throughout the network. From a single entry point, the ransomware took down systems from the company’s enterprise resource planning servers to its Voice over IP telephone service. The company’s operations were thrown into chaos and it was losing tens of thousands of dollars every day — all because of a malware infection.

As I travel the country interacting with CDW clients, I hear stories like this regularly. These experiences have provided me with four lessons that any organization can use to improve its own security posture.

1. Use Discovery Tools to Get to Know Your Network

The modern organization houses a tremendous diversity of technology ranging from laptops and desktops to servers and mobile devices. All of these devices are spread across operating environments, with some in data centers on physical or virtualized platforms and others in the cloud or on the road. Automated discovery tools can help you identify all of your digital assets and determine whether they comply with your security policies.

2. Adopt Next-Generation Endpoint Protection Technologies

Endpoint protection has evolved far beyond the days of simple signature-based anti-virus software. Modern endpoint protection platforms combine this time-tested technology with tools that perform behavioral analysis and use machine learning to identify previously unknown threats. The management team at the poultry plant didn’t think that their company would be the target of a zero-day attack, but they were wrong.

3. Choose an Integrated Solution to Reduce the Burden on IT Staff

Skilled security staff are a scarce commodity in almost any organization. In fact, the 2017 Global Information Security Workforce Study projected a gap of 1.8 million cybersecurity professionals within the next five years. Anything an organization can do to reduce the number of tools required to secure an organization and the number of people required to run those tools will help it operate efficiently in this new environment. Adopting an integrated solution improves security by better tying information elements together and improves workflow by reducing hand-offs between teams.

4. Have an Incident Response Strategy Ready to Go

We implement security controls to reduce the probability and impact of potential breaches, but those breaches will still occur. Organizations should have the processes and technologies in place that allow them to respond quickly and decisively in the event of a breach. This is another area where integrating your security tools can pay off handsomely by allowing tools to pool their knowledge and take remediation actions without any human intervention.

After experiencing this breach, the poultry processor reached out to us, and we implemented these strategies. That was a year ago, and I’ve witnessed a transformation of both technology and culture in the organization. They now treat security as a high priority and are investing appropriately in preventing a recurrence of the incident. By sharing this story, I hope that others can learn from this experience and improve the security posture of their organizations before their next breach occurs.

To learn how your organization can protect its data and networks with solutions such as next-generation endpoint security, download the CDW Cybersecurity Insight Report.

This blog post brought to you by:

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>