Cyber Hygiene From the Inside Out

August 18, 2020

In this episode of The Hacks, Tom and Chunga are talking about cyber hygiene.

Recently, at Black Hat Virtual, Tom gave a speech about how most companies are focused on dealing with infrastructure vulnerabilities in a way that doesn’t actually protect their organization as much as it should.

Unfortunately, Tom says when most people look at their digital infrastructure, they build a defense strategy from the outside in; which is the exact opposite of how it should be done. When an organization scans for vulnerabilities, oftentimes they do so without any actual method to fix them.

What percentage of companies are practicing a legitimate level of cyber hygiene? Tom says it’s very low. That said, he has some ideas and steps that can be taken right away that can help. Listen now!

For more about this episode:

Tom Hatch speaking about cybersecurity at Black Hat Virtual

“The thing is,” Hatch says, “most of the time when we’re looking at our infrastructures, we’re scanning them from the outside. We’re saying, how are these systems accessible, how can they be penetrated. And those scans don’t line up nicely with how to actually fix the problem from the inside. When we begin to look at things from an internal hygiene perspective, it just helps us build a better foundation for the cybersecurity that we’re actually deploying.”

The Cyber Drill

“When you’ve got an army–and as a company, you have an army, an army of databases, an army of people, an army of web servers, an army of all these different components–one of the best things you can do is make sure that army is tuned, drilled, disciplined, able to execute, and supported.”

From there, we move to panicking elephants. Really. Check out the episode to find out how.

Follow us on Twitter:

@saltstack

@thehackscast