Salted Hash Ep 8: What keeps IT administrators up at night?

This week we talk about things that scare administrators. As expected, ransomware made the list, along with insider threats, funding problems and more.

This week's episode of Salted Hash takes a quick look at things that frighten administrators. We're joined by CSO's Michael Nadeau, who shares his take on the matter. As expected, some of the topics include ransomware, insider threats, funding problems, and more.

The items in this week's episode were pitched to us by AppRiver, a cloud-based security firm located in Gulf Breeze, FL. While the topic was aimed for a story around Halloween, we thought the topics had a longer lift than a single holiday, so we added them to the show on November 1. The data in the list was sourced from working security professionals, both executives and non-executives.

It comes as no shock that ransomware tops the lists of concerns. It's been seen several times this year, and such attacks are devastating and stressful. We've covered it a great deal on Salted Hash, including methods of recovery and preparation.

There were some standout items however, including insider threats and funding.

When it comes to insider threats, Michael says that organizations need to get better at correlating behavior form various log points that can help "identify a series of actions" that will aid in detection and remediation.

There's also the consideration that most insider events are not intentional, they're accidental. But once more, correlating logs and behavioral data will help IT teams get a stronger grip on the situation.

It's important to remember though, the process of doing this will take time and effort, as behavioral technologies really need to be tuned to the business so that such tools help and don't hinder.

The inclusion of funding on the list is critical, as most IT shops have to do more with less, often finding themselves in a situation where they have to pick their poison and hope for the best.

Michael's thoughts on the matter hit home as well, because the funding situation has potential to kill morale and lead to a cycle of pain within the organization on the security front. However, he adds, it's important to distinguish between problems with funding when it comes to a lack of resources, and a lack of funding because the organization simply doesn't care.

Copyright © 2017 IDG Communications, Inc.

Microsoft's very bad year for security: A timeline