George Carlin made comedy history when he created stand-up routine around the seven dirtiest words that could never be said on the radio or on television. (For the sake of our readers, a simple search on YouTube will find the routine – it is adults only content!) What made this routine so unique is that he boldly came out and stated seven words that no one should ever write, say, or even hear – privately or publicly. That concept alone is all this blog is about. There are five cybersecurity words team members never want to hear regarding their own organizations. Listed in priority order, according to my humble opinion, they are:
  1. Incident – “We have had a security incident within the organization.”
  2. Malware – “We have identified a malware infestation and need to remediate the issue immediately.”
  3. Ransomware – “We have been infected with ransomware.”
  4. Compromised – “We have detected that system(s) have been compromised.”
  5. Breach – “We have identified a data breach.”
So why are these words so dirty? Each one of them alone does not tell you the size, scope, risk, or repercussions of the cyber security problem in question. They are “dirty.” If you have to say, or hear, a team member say that you have been infected with ransomware, the scope and threat are absolutely filthy. We need to find a way to clean up these dirty words and make sure they are never used within our own organizations. To that end, I propose the following:
  • Privileged Access Management – removes and manages administrator rights that could otherwise lead to someone saying any of the five dirtiest cybersecurity words.
  • Vulnerability Management – ensures remediation practices are performed, preventing exploitation that otherwise could lead to a vocalization of a dirty word.
  • Identity & Access Management – manages the entitlements of people so we can minimize the risks of them performing an act that could otherwise lead to swear word.
We never want to be singled out for saying a bad word. We also never want to be the bearer of bad news based on a cybersecurity incident within our organization. So, to prevent us from ever saying them, we can embrace cybersecurity best practices and minimize the risk of us even being tempted to utter them under our breath. As the leader in privileged access management and leader in Vulnerability Management, BeyondTrust is in a unique position to help with these basic cybersecurity hygiene disciplines and clean up your environment. The results could be just what we need to ensure we never have to utter those dirty cybersecurity words again.