CyberWisdom Safe Harbor Commentary on Cybersecurity Audit
#1: Count Your Devices
If you don't know something is there, how can you protect it? The first step in any good security plan is to count every device connected to the network. Make sure the inventory covers not only desktops and laptops but also phones, printers, and any security systems integrated into the network. Building a device inventory may be challenging at first, but once it is complete you will have a real understanding of what you are responsible for protecting. Whenever devices are added or removed, update the inventory so there are no surprises during the audit.
#2: Check What Is Running
Once the device inventory is complete, do the same for software and firmware. Understand what runs on each machine in the network and which of it is actually needed to carry out business functions. From that list you can build a restricted set of software that is approved to run (an "application whitelist"). Application whitelisting prevents users from downloading and running software outside the applications the business requires.
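The two inventories above are only useful if they are checked against what is actually on the wire and on the hosts. The following script is an added example (not code from the CIS post or this commentary): it reconciles a constructed device inventory with observed network hosts and flags software running outside each host role's allowlist. MAC addresses, hostnames, roles and process names are all constructed sample values.

```python
# Added example (not from the CIS post or this commentary): reconcile a device
# inventory with hosts observed on the network, then check the software seen on
# each host against an application allowlist. All data is constructed input.

# Constructed device inventory: MAC address -> (hostname, role)
INVENTORY = {
    "aa:bb:cc:00:00:01": ("fileserver01", "server"),
    "aa:bb:cc:00:00:02": ("printer-2f", "printer"),
    "aa:bb:cc:00:00:03": ("laptop-jdoe", "workstation"),
}

# Constructed observations, as exported from a DHCP lease table or ARP cache
OBSERVED_HOSTS = {
    "aa:bb:cc:00:00:01": "10.0.0.10",
    "aa:bb:cc:00:00:03": "10.0.0.57",
    "aa:bb:cc:00:00:99": "10.0.0.88",  # never inventoried: a surprise for the audit
}

# Constructed application allowlist: software approved to run, by host role
ALLOWLIST = {
    "server": {"sshd", "smbd", "backup-agent"},
    "workstation": {"chrome", "outlook", "teams"},
}

# Constructed per-host process listing, as reported by an endpoint agent
OBSERVED_SOFTWARE = {
    "fileserver01": {"sshd", "smbd", "backup-agent"},
    "laptop-jdoe": {"chrome", "outlook", "torrent-client"},
}

def reconcile_devices(inventory, observed):
    """Return (MACs seen but not inventoried, MACs inventoried but not seen)."""
    unknown = sorted(set(observed) - set(inventory))
    missing = sorted(set(inventory) - set(observed))
    return unknown, missing

def unapproved_software(inventory, allowlist, observed_software):
    """Map hostname -> sorted software running outside its role's allowlist."""
    role_by_host = {host: role for host, role in inventory.values()}
    findings = {}
    for host, running in observed_software.items():
        # Roles with no allowlist entry (e.g. printers) approve nothing
        extra = sorted(running - allowlist.get(role_by_host.get(host), set()))
        if extra:
            findings[host] = extra
    return findings

if __name__ == "__main__":
    print(reconcile_devices(INVENTORY, OBSERVED_HOSTS))
    print(unapproved_software(INVENTORY, ALLOWLIST, OBSERVED_SOFTWARE))
```

Both unknown devices and inventoried-but-absent devices are reported, since a missing asset can be as much of an audit finding as an unexpected one.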
#3: Apply the Principle of Least Privilege
The principle of "least privilege" is a valuable concept in computer security. Put simply, each user profile gets only the minimal privileges (rather than root or administrator-level access) that its role or job function requires. Tightening user permissions may feel restrictive at first, but it prevents users from downloading and installing unwanted applications. It also pays off when a machine is compromised: if a cybercriminal gains unauthorized access to a machine with limited privileges, they can do far less damage than they could on a system where they hold administrator-level access.
#4: Implement Secure Configurations
Operating systems, browsers, and even printers ship with many settings, and they should be configured with security in mind. A single operating system can have hundreds of settings to choose from, including password length requirements, which ports are open, and which users are allowed to log in. The CIS Benchmarks are consensus-based secure configuration standards covering over 150 different technologies, and they can be downloaded free of charge in PDF format.
#5: Patches, Patches, Patches!
When new vulnerabilities are discovered, vendors issue updates (or "patches") to close the security holes and make their applications more secure. Cybercriminals look for easy wins and leftover, unpatched systems, so it is important to apply patches as soon as they are released to keep your systems secure. A fully patched network will impress any auditor. When an application reaches end of support (sometimes simply called retirement), the vendor stops patching it. At that point you know it is time to upgrade to a newer version or find other supported software.
#6: Develop an Incident Response Plan
What happens if there is a data breach in the organization? If an employee spots (or worse, falls prey to) a phishing email, does the employee know what to do? Impress your auditors by showing that you are prepared for an eventual attack on your systems. The components of an incident response plan include conducting risk assessments, penetration testing, and training employees. You may need to draft a written policy that guides employees on what to do in various situations, for example when they receive a suspicious email, accidentally download a malicious file, or discover an insider threat.
#7: Utilize Available Resources
Don't let the idea of a cybersecurity audit overwhelm you. Take advantage of tools that make the process easier from beginning to end. Memberships such as CIS SecureSuite provide a range of resources to help you scan systems and generate compliance reports, quickly implement secure configurations, and connect with other network security experts.
Taking these seven steps before the next audit will not only improve your network security but also prepare you for future cyber threats. Although some of these steps may take time to implement, the security benefits are worth it – not to mention getting through the assessment!
Mar 22, 2018 8:53 AM PT Organizations must secure systems and networks from the expanding cyber threat landscape. This blog will offer solutions to cyber threats from CIS’ integrated cybersecurity resources. Data breaches, phishing attacks, information disclosure – the Internet can be a scary place. Conducting a cybersecurity audit (or getting a third-party assessment) is a great way to understand your organization’s cybersecurity posture. But, like preparing for any exam or review, getting ready for a cybersecurity audit can be intimidating. While every security assessment will be a bit different, here are seven ways you can prepare for your next cybersecurity audit.