Thriving amidst chaos: Managed security tips for Black Friday weekend

By admin
Thriving amidst chaos: Managed security tips for

Black Friday
EVENT

weekend

It’s no secret that

the holiday season
DATE

represents a massive opportunity for organizations. For some industries, over a quarter of their revenue comes in

October, November
DATE

, and

December
DATE

, with a significant portion coming over

just five days
DATE

, the extended

Black Friday
EVENT

weekend also known as Cyber 5.

Between Thanksgiving and Cyber

Monday
DATE

, revenue-focused teams celebrate their influx of sales. In contrast, often under-resourced cybersecurity teams are left to wage wars against the bad actors hidden amongst the ever-growing traffic. Like a scene from a futuristic version of the movie “

300
CARDINAL

”, these typically smaller but mighty teams are pushed to prepare and likely fight attackers

24 hours
TIME

a day to ensure nothing impacts customers trying to finish that all-important checkout purchase.

To increase readiness and expertise, organizations regularly turn to managed security services to augment their capabilities and maximize uptime and availability. While this all but guarantees surviving the Cyber 5 without a hitch, as a cybersecurity leader, you can maximize managed security capabilities with proper preparation. If you’re using managed security during the

Black Friday
EVENT

shopping weekend, we have a few tips to utilize before, during, and after the event. They will help your security and site reliability teams to not just survive

the weekend
DATE

but come out the other side and thrive.

Tips to prepare for Cyber 5

Managed security providers can alleviate much of the stress and anxiety security teams face heading into

Cyber 5
EVENT

, and we’ve compiled a few tips to give you additional peace of mind. As you head into the extended

Black Friday
EVENT

weekend with your managed security provider, update key contacts, tie up action items, and run a tabletop exercise to ensure they’re set up for success.

The

first
ORDINAL

step is to ensure that the key contact information is specified and current. Remember that even though you’re offloading the active security efforts as part of working with a managed security service, you can choose your level of involvement when attacks arise. You’ll want to list the right team members with appropriate communication platforms (such as email, chat, cell phone numbers, etc.) so the team can swiftly implement the suggested mitigation measures once approved.

Tie up any loose action items

The next step is to focus on closing out any pending action items highlighted by your managed security provider. While their security operations staff will mitigate attacks, implementing action items before

the weekend
DATE

starts allows for faster and often automated reactions to similar threats. Completing action items ahead of time also limits your organization’s attack exposure and closes opportunities for hackers.

Run a tabletop exercise

Before a known traffic spike, it is an opportune time to run a tabletop attack drill exercise with your managed security provider. During this exercise, teams will simulate how they respond to an attack to understand the mitigations they will implement and when they will need approval before proceeding. Attack drills instill team confidence that your applications are protected while offering practical opportunities to identify whether any newly implemented procedures need refinements.

By performing these

three
CARDINAL

quick and straightforward tips in advance, you’ll have prepared everything necessary to get

a good night’s
TIME

sleep during

this Cyber 5
EVENT

.

What to expect during Cyber 5


Thursday, November 23
DATE

will come around and while traffic begins ramping on your applications, you’ll be going back for your

third
ORDINAL

helping of mashed potatoes and gravy before yet another nap.

Your

one
CARDINAL

minuscule task is ensuring the availability of on-call key contacts you previously updated. Remember that if your managed security provider is anything like Fastly’s, they combat massive, sophisticated attack payloads

daily
DATE

. Still, you may require them to contact you before implementing mitigations when attacks arise.

Time
ORG

is of the essence, and every

second
ORDINAL

spent trying to reach a key representative unsuccessfully represents an opportunity for the attacker to launch a successful payload!

Uptime over

these five days
DATE

may make or break your business. While estimates suggest the cost of unplanned downtime is

around $6,700
MONEY

per minute for large enterprises in any sector, know that for security operations teams, the Cyber 5 represents

just more days
DATE

doing what they do best. Whether it’s Cyber

Monday
DATE

or a random

Monday
DATE

in

June
DATE

at

2 a.m.
TIME

, managed security teams are there to mitigate attacks with an efficacy worth dreaming about, and all you need to do is give them the green light.

Tips for

the remaining holiday season
DATE

Congratulations! Cyber

Monday
DATE

has come and gone. At this point, you’ll have made it through the Cyber 5 and likely gotten your best sleep over this time since becoming a security professional. Your cross-functional teams will comment on how well-rested you look. As you begin preparing for the rest of

the holiday season
DATE

, give thought to any strategy adjustments you think may be additive.

Consider strategy adjustments

Some managed security service providers offer a

Technical Account
ORG

Manager (or the equivalent) who intimately understands your environment and can give context to the reports they provide. In partnership with them, it’s essential to reflect on the data and your strategy to decide whether there are any areas of opportunity to address for the future. Topics, like long-term security and adjustments to escalation requirements or fine-tuning, should be analyzed and implemented where possible to further minimize your exposure to and risk from security incidents.

Review incident reports

After engaging with you during an attack, your managed security provider may also provide post-incident reports. These after-action reports outline the attack’s source, type, mitigations implemented, escalation path, and more. At Fastly,

Technical Account Managers
ORG

also deliver these to provide additional context, insights, and opportunities for improvement. Allocate time for this, as you’ll often receive context for action items to increase your security posture and inform secure development practices.

Begin uncovering the role of managed security

Major success provides an opportunity to note how managed security contributed to the win. There are quantitative data points like traffic volume, availability, and uptime that are clear and comparable to

previous years
DATE

but also give thought to the qualitative benefits. Heightened brand reputation, lessened employee resourcing, and reduced toil enable you to retain talent and boost revenue. Together, you uncover the story of managed security’s value within your organization. Be sure to work with your

Technical Account
ORG

Manager for help gathering the data you need, and continue building it with insights throughout

the holiday season
DATE

.

Sleep better this Cyber 5

Cyber 5 may be a make-or-break period for many organizations, but fortunately, managed security services offload almost all the responsibility and expertise needed to successfully navigate it. Be sure to use these tips before, during, and after Cyber 5 to maximize your managed security team’s efficacy and ensure the best sleep of your life during this period.