Automating security operations, or SecOps, is one of the most powerful strategies organizations can employ to protect themselves and their data. All too often, however, they don’t leverage it as well as they could.

Security automation pulls together data from disparate systems to make information more visible and actionable. For example, a solution may not only alert IT teams to a critical vulnerability on enterprise devices but also initiate remediation. It could spot a vulnerability that can be solved with a specific patch, so staff members can determine the best way to solve the problem.

Here are a few of the ways organizations are putting SecOps to work, delivering greater efficiencies and peace of mind to their IT teams.

At this stage of the pandemic, remote work is nothing new for most of us. But thriving in this environment is still very much a work in progress. As we all acclimate to our home lives and work lives combining, organizations must continue to hone their IT strategies to address new security needs. How can they do this? It’s a question my CDW colleagues and I explored in a virtual roundtable we held called “Securing the New Remote Workforce.”

Let’s dive into a few key security takeaways this panel touched on.

Zerologon is the name given to a security vulnerability found in Microsoft Windows domain controllers by Secura. It is an unauthenticated privilege escalation vulnerability in the Netlogon Remote Protocol (MS-NRPC). An attacker can leverage this flaw to gain administrative access to a Windows domain.

This vulnerability was assigned CVE number CVE-2020-1472 and rated critical. A Zerologon vulnerability that was patched by Microsoft in August has been making the news lately as proof of concept exploits have started to appear in the wild. In this post, I will discuss in more detail what this vulnerability is and how you can defend against it.

Players use a variety of strategies in Monopoly. If you are familiar with the game, you know you must achieve a monopoly before you can build, and you need four houses before you can add a hotel. My preferred strategy is to establish an infrastructure before I start building houses. I try to buy railroads and utilities, as well as the less expensive properties on the board.

In this way, Monopoly mirrors the Internet of Things. As localities try to implement IoT technologies for smart cities initiatives, they need an infrastructure that includes networking, storage and processing to handle the data that will be collected, stored, transmitted and analyzed. And starting with smaller, less expensive projects can help them establish a record of success before they move on to bigger things.

Everyone has a preferred method when playing Monopoly. Some people save up and get Park Place and Boardwalk — others prefer to acquire the railroads and utilities. Whatever your way to play, the reality is that it can all go to pot if you land on the wrong space.

Technology is more important than ever to the merger and acquisition (M&A) process. For many firms, IT is a top driver of deals, but it can also be a sticking point.

In its “Corporate M&A Report 2020,” Bain warns of the challenges posed by IT integration: “In a tech-enabled world, deal scrutiny is expanding to include issues such as data ownership and access to critical technology, often prompted by national interests, as well as the impact on future competition. The time, complexity and the resources to get deals over the regulatory hurdle are rising — it will take longer than you think and cost more than you expect.”

It’s essential for organizations to prepare for the integration process and enter it with their eyes open. These four types of technology tools can help to streamline IT integration.

The most exciting part of my job occurs when I have the opportunity to visit with a new client organization and help its leaders assess their security infrastructure and remediate any vulnerabilities. I enjoy being able to examine the current state of their cybersecurity programs and help them redesign elements to better address the modern threat environment.

Recently, I had the opportunity to engage in this type of work with one of CDW’s customers — the government of a midsized county. As we worked through the assessment, we identified two core issues that required immediate attention. First, the county’s network firewall platform was quite outdated, running technology that was over a decade old. The devices still functioned, but they were designed to protect against the threats of 10 years ago, not today’s advanced persistent threats. Our first core recommendation was that the county replace this aging firewall infrastructure with a modern next-generation firewall (NGFW) designed to stymie today’s attackers.

We also realized that the core of the county’s network lacked essential security controls. If someone gained physical access to the building and connected any device to the network, the attacker would have open access to all types of resources. There was no internal access control restricting the devices that could connect to the network and limiting the authorization of those devices based on the identity of the user. The county urgently needed a network access control (NAC) solution to address these risks and protect its network.