Hugging the Cactus and Fixing the Network Flaws
There’s an expression that means embracing your faults so you can evaluate and create a plan to fix them.
It’s a particularly colorful phrase designed to make you wince, particularly if you have tangled with any of these in the Plant Kingdom belonging to the Cactaceae family.
It’s called “Hugging the Cactus.”
Meaning: A full embrace of mistakes, liabilities, mistakes, and hang-your-head blunders. That’s a good step.
Before you can fix, repair, or find a solution, the person doing the evaluation must know what to remedy. More than that, the person must be willing to “Hug the Cactus” to realize what thorns may hurt the most.
So goes network security, half the battle is finding out what vulnerabilities make your network insecure and a prime target for cybercrime. This includes many categories that cyber hackers can exploit, and they are getting more sophisticated every day.
At one time, hackers wanted to breach a network get what they wanted, then hide their tracks and leave. Today, the trend is once cybercriminals infiltrate a network, they want to stay there, undetected, to mine as much data as possible to sell on the market.
Vulnerability scanning is just a part of locking down a network.
Robust security methodology includes employee education on security policies and procedures, a thorough understanding of email Phishing and Spear Phishing tactics, network perimeter defenses, Whitelisting, Access Control Lists, and in-depth accounting permissions rules.
That’s a few, and there are many more areas where criminals can find their way into a network. The easy part is recognizing your network’s vulnerable attack vectors. Security professionals know the difficult part is the buy-in by managers and fellow team members in your business. The most secure network has a top-down approach by senior managers all the way down to the most recent hire.
Network security involves funding and work hour effort due to configuration management, patching, and constant application evaluation and new hardware testing and replacement.
When additional funding is considered, the risk versus reward and return on investment discussion pops up like a barrel cactus in the Southwest of the United States. Often the argument is, “We haven’t had any problems so far with what we have; we can wait.”
There are many ways to stay on top of the network defense posture. These include cloud solutions and virtual machines.
Waiting is what cyber attackers count on, and they also rely on pain of funding negating hardware purchases and software security version updates. Hackers don’t want you to “Hug the Cactus”; they want you to believe in rainbows and lucky charms. One more day, week, month, and year is all the time they need for one strike, and then the thorn is in your side.
Secure Your Work Environment Today
At Control Cloud, we work with you to build an optimal, secure, remote work environment for your business. Whether it’s private, public, or a hybrid solution – we’ve got you covered.
Chief content and technical writer
Rick Bretz possesses comprehensive experience in several subjects including video editing and production, radio/TV and journalism writing, videography, radio broadcasting, IT Management, Information Security and Assurance. He also works as a Senior Cyber Security Engineer for Vulnerability Management, Service/Infrastructure Operations and Platforms Support for the government. Mr. Bretz also is a documentation and technical writer for the Veteran Administration’s Continuous Readiness in Information Security Program. He also served in the US Army beginning in 1979, graduating from leadership schools and from Journalism, Broadcasting, Newspaper Editing and Public Affairs Supervisor courses. He retired from the Army with many writing and broadcasting awards to accept video production and management positions. He holds a BS degree in Information Technology with a Specialization in Security Assurance from Capella University and has a Security + Certification from CompTIA. Mr. Bretz also writes his own blog on topics that interest him that can be reached at pastparallelpaths.com.