Why Leap Year Is a Cogent Reminder for Enterprises to Sync Up Security

Just as Feb. 29 re-syncs clocks with the orbit of Earth, it is critical that enterprises be in sync, especially to maintain and improve one’s security posture.

If you’re going to avail yourself of security intelligence, synchronize your efforts to operationalize it with its arrival. After all, good intel is often of the urgent variety and may have a short shelf life. Think of intel as the arrival of a magic ball from the precogs in “Minority Report.” Imagine not acting on that intel until after the crime is committed. There is nothing worse to the morale of your IT security team than being breached between the time you received the intel and when you put it into effect. When this happens, you’re not only in the news, but the reconstruction of the sequence of events draws comparisons to the Keystone Cops. —Oliver Tavakoli, CTO, Vectra Networks

IT infrastructure teams are normally the next-to-last ones to find out about a merger or acquisition, which means the security teams are truly the last to know. Setting up a repeatable process for how you integrate merger and acquisition activity should be established because this situation of IT and security being last to know will never change. Look at developing a standard package for delivering network, data center and endpoint security inspection that is flexible enough to fit most of the M&A use cases that your organization may encounter. —Jeff Schilling, CSO, Armor

It is common for security teams to complain that there is no security in the cloud. That is a misconception based on lack of engagement with the IT teams that are pulling their customers to cloud solutions. Fighting the gravitational pull of their customers’ urge to leverage the public cloud is a losing strategy. Security teams should partner with the IT cloud architecture teams and ensure they have repeatable security models and classification guides that enable this movement to the cloud, not prevent it. —Jeff Schilling, CSO, Armor

While the use of a Network Time Protocol (NTP) server is nothing new, ensuring that all devices use them is critical for IT security and operations. Having logs that are accurately represented by time data stamps that account for leap year and automate batch tasks chronologically can only occur when all systems have the same system clocks. This leap year, it would be a good task to check the accuracy of your time servers and make sure all assets, from servers to infrastructure, are using the correct settings. This will not only help you with forensics but may also protect you against distributed denial-of-service (DDoS) and amplification attacks against NTP. —Morey Haber, VP of Technology, BeyondTrust

While we frequently think about leap year affecting computing devices, we tend to overlook basic analog devices that need to properly record the extra data. These include analog clocks and watches, hourly work punch card clocks and even simple calculations, such as billing by the month based on the number of days. Checking noncomputing devices, invoices and even daily journals and diaries for the extra day is important to record the leap year correctly. —Morey Haber, VP of Technology, BeyondTrust

Leap years are a funny thing, based on our Roman ancestors. Two competing Caesars wanted months named after them and took us from 10 months to 12. February gave up extra days to make the new months equally long. The implications of their actions are felt to this day. Leap years should be a simple reminder of something we should do every day: communicate. We should make sure we communicate effectively with our peers, clients, vendors and most importantly your management team. Synchronizing efforts, formalizing communications and sharing information should be a frequent event. Learn a new concept with this leap year: how to synchronize proficiently and professionally. —Morey Haber, VP of Technology, BeyondTrust

If there is one area of security in need of better synchronization, it is security’s relationship with the chief financial officer. The CFO has been conditioned over time to believe that a new suite of technology will be the organization’s savior and put an end to costly incidents and breaches. As we all know, this is a false promise. Security needs to think more like a CFO: If I invest this amount of money, what am I getting back in terms of metrics and output? What areas remain uncovered by this investment? How does it scale as usage changes or the organization evolves in size (in both directions)? Is this investment fixed or flexible if my needs change? —Michael Patterson, VP of Strategy, Rook Security

Time synchronization is a critical piece in planning, managing and securing networks and systems as it provides a frame of reference between all devices on the network. It also helps determine when events happen. Without synchronization of time, we are not able to accurately correlate log files and events between these devices. —Sean Duca, CSO, Asia Pacific, Palo Alto Networks

Synchronizing the time globally in your systems can make the difference between global coordination and total system chaos. When the clocks are synchronized, regardless of the time zone, it ensures scheduled jobs can be anticipated and the results consumed, monitoring and reporting are consistently accurate, and incidents can be managed appropriately based on prioritization. —Stan Black, CSO, Citrix

Syncing up these functions looks great in policy, but when the tabletop exercises run their course, critical systems are often out of sync. A simple example is a rollback recovery: Accept one small issue and the rollback version is an older patch version, which doesn’t sync with the current database. Time slippage in an Active Directory domain is another example that can adversely affect Kerberos authentication by enabling attackers to conduct brute force or replay attacks, and can cause authentication for legitimate users to fail outright. —Stan Black, CSO, Citrix

In a hyper-converged data center, mobile, cloud, IoT and SaaS infrastructures are woven into business. Keeping policy, configuration, patching, visibility, monitoring and control across these diverse platforms poses significant challenges, but taking simple steps such as ensuring clocks are in sync can help make sure the user experience remains intact and that enterprise data is secure. —Stan Black, CSO, Citrix