The Pareto Principle, also known as the 80/20 rule, holds that roughly 80 percent of the output of a system comes from 20 percent of the input. Applied across many industries since 1906, it means, simply put, that a minority of inputs yields the majority of outputs.
Applied to cybersecurity, the rule cuts the other way: basic controls that address 80 percent of an agency's vulnerabilities will not keep attackers out, because the unaddressed remainder is exactly what a determined attacker looks for, and the organization pays the price. In his recent Federal Times article, Lockheed Martin's Greg Boison pinpoints the reasons why and offers the following advice for improving an agency's Continuous Diagnostics and Mitigation (CDM) posture:
Tools alone are insufficient. Commercial off-the-shelf (COTS) tools are essential components of a comprehensive cyber security solution, but no single tool is a strategy by itself. A well-designed security plan should encompass at least:
Asset awareness — performing an exhaustive inventory and continuously tracking every device and piece of software that exists on, or has access to, your systems. You cannot patch or monitor what you do not know you have.
Configuration settings management and vulnerability patching — keeping vendor patches up to date, checking settings against a secure baseline, and using scanning tools to find assets that are missing the latest patches or have drifted from that baseline.
The mission matters. The CDM strategy should be tailored to an agency’s unique mission requirements. The complexity of the enterprise, exposure points, stakeholder needs, threat profiles, mission criticality, hardware and software resources, and much more must be considered when designing a mission-specific CDM strategy.
Compliance and security are not the same thing. Annual certification of policies and procedures is necessary, but a certified system is not necessarily a protected one. CDM shifts the paradigm so that continuous security becomes the means to FISMA certification, rather than the other way around. Some estimates put the potential savings from better staging of security resources at well over $1 billion annually.
Automation is the key to productivity. An effective CDM strategy relies heavily on automation, which lowers compliance costs and raises the productivity of the security team. Rather than constantly "cleaning up spills," analysts can focus on higher-level work against more advanced threats.
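The asset-awareness and patching points above, together with the automation point, describe one recurring job: reconcile what you are authorized to have against what a scanner actually finds, and flag the gaps automatically. The script below is an added example written for this page, not code from the Federal Times article or from any CDM tool. The authorized inventory, the patch and configuration baselines, and the scan output are all constructed sample data; the setting names and version strings are illustrative only.

```python
"""Reconcile an authorized asset inventory against scan results (added example).

Four classes of finding, matching the CDM points in the text:
  unknown_assets      - scanned hosts that are not in the authorized inventory
  unreachable_assets  - authorized hosts the scanner did not see (offline, retired, or blocking the scan)
  outdated_software   - installed versions below the vendor patch baseline
  config_drift        - settings that differ from the secure configuration baseline
"""
import re

# Constructed authorized inventory (what an agency's hardware/software asset records would hold).
AUTHORIZED_ASSETS = {
    "web-01": {"role": "public web server"},
    "db-01": {"role": "database"},
    "jump-01": {"role": "bastion"},
}

# Constructed patch baseline: package -> minimum acceptable version. Illustrative values only.
PATCH_BASELINE = {
    "openssl": "3.0.13",
    "nginx": "1.24.0",
    "postgresql": "15.6",
}

# Constructed secure-configuration baseline: setting -> required value. Illustrative only.
CONFIG_BASELINE = {
    "ssh.PasswordAuthentication": "no",
    "ssh.PermitRootLogin": "no",
}

# Constructed scan export, one record per discovered host.
SCAN_RESULTS = [
    {"host": "web-01",
     "software": {"openssl": "3.0.13", "nginx": "1.22.1"},
     "config": {"ssh.PasswordAuthentication": "no", "ssh.PermitRootLogin": "no"}},
    {"host": "db-01",
     "software": {"openssl": "3.0.9", "postgresql": "15.6"},
     "config": {"ssh.PasswordAuthentication": "yes", "ssh.PermitRootLogin": "no"}},
    {"host": "lab-box-7",                      # not in the inventory at all
     "software": {"openssl": "1.1.1w"},
     "config": {}},                            # scanner could not read its settings
]


def parse_version(v: str) -> tuple:
    """Turn '1.24.0' or '1.1.1w' into a comparable (numbers, letter-suffix) tuple.

    Numeric parts are padded to four places so '1.24' and '1.24.0' compare equal.
    """
    m = re.fullmatch(r"(\d+(?:\.\d+)*)([a-z]*)", v.strip())
    if not m:
        raise ValueError(f"unparseable version: {v!r}")
    nums = tuple(int(x) for x in m.group(1).split("."))
    nums = nums + (0,) * (4 - len(nums))
    return nums, m.group(2)


def is_outdated(installed: str, minimum: str) -> bool:
    """True when the installed version is below the baseline minimum."""
    return parse_version(installed) < parse_version(minimum)


def reconcile(authorized, scan_results, patch_baseline, config_baseline):
    """Compare scan results with the inventory and baselines; return the findings."""
    seen = {r["host"] for r in scan_results}
    findings = {
        "unknown_assets": sorted(seen - set(authorized)),
        "unreachable_assets": sorted(set(authorized) - seen),
        "outdated_software": [],   # (host, package, installed, required)
        "config_drift": [],        # (host, setting, actual, required)
    }
    for r in scan_results:
        for pkg, ver in r["software"].items():
            required = patch_baseline.get(pkg)
            if required and is_outdated(ver, required):
                findings["outdated_software"].append((r["host"], pkg, ver, required))
        for setting, required in config_baseline.items():
            actual = r["config"].get(setting)   # None means the scanner saw no value: still drift
            if actual != required:
                findings["config_drift"].append((r["host"], setting, actual, required))
    return findings


if __name__ == "__main__":
    for kind, items in reconcile(AUTHORIZED_ASSETS, SCAN_RESULTS,
                                 PATCH_BASELINE, CONFIG_BASELINE).items():
        print(f"{kind}:")
        for item in items:
            print(f"  {item}")
```

Run continuously (after every scan, not once a year before certification), the unknown-asset and unreachable-asset lists are the ones worth watching most closely: a host nobody inventoried, or an authorized host that silently stopped answering the scanner, is the kind of gap that basic controls leave and that an annual compliance check will not catch.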
For more advice on the 80/20 rule’s effectiveness in cybersecurity, read the full Federal Times article.
IT SECURITY SUPPORT: Blue Mountain Data Systems provides IT Security Support Services for Federal Civilian Agencies. Looking for Vulnerability Scanning and Testing, Penetration Testing, Risk Assessment or FISMA Reporting for your Federal Agency? Call Paul Vesely at 703-502-3416.