To make a focused security strategy your organization’s reality, you need a strong security framework. When Security and IT Operations teams work together to promote a focused security solution built on common processes and a prioritized set of actions, costs can go down and responsiveness can increase.
Cyber watchdogs like the Center for Internet Security (CIS) agree, and are contributing their knowledge and expertise to identify, validate, promote, and sustain the adoption of cybersecurity best practices. Derived from practices forged from actual experiences at the National Security Agency (NSA), the CIS Critical Security Controls both support and reflect many of the other leading sources of cybersecurity guidance.
And their ultimate goal? They’re designed to help you:
- Rapidly define the starting point for your defenses
- Direct your scarce resources to actions with an immediate and high-value payoff
- Focus on additional risks unique to your business
Using a proven framework and finding, ideally, single-vendor solutions that can address the majority of the requirements across your enterprise, then filling in with point solutions where you see specific need, will help you reduce costs while getting the defense-in-depth, effective strategy you desire.
Why a single-vendor solution? Because the patchwork of cybersecurity point solutions most organizations have in place doesn’t function well as a whole or provide a complete, integrated view of the risks to the environment. In addition, juggling solutions and platforms from many vendors actually creates gaps where attacks can be launched, compounding risk and cost, putting that much more pressure on already overworked teams and IT governance.
According to the Cisco 2017 Annual Cybersecurity Report, 55 percent of security professionals use at least six security vendors. That’s a lot of juggling.
Top 5 CIS Critical Security Controls
Research and case studies from the CIS show that configuring IT systems in compliance with the Top 5 CIS controls can eliminate 80 to 95 percent of known security vulnerabilities.
In particular, the Top 5 CIS Critical Security Controls establish a solid foundation for radically improving an organization’s security posture. That’s why they refer to these as “Foundational Cyber Hygiene.”
1. Inventory of Authorized and Unauthorized Devices
As per the CIS: “Actively manage (inventory, track, and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanaged devices are found and prevented from gaining access.”
2. Inventory of Authorized and Unauthorized Software
As above, but for software: “Actively manage (inventory, track, and correct) all software on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation or execution.”
Note that last part. This is where the CIS brings in the value of application control features like application whitelisting.
3. Secure Configuration for Hardware and Software
“Establish, implement, and actively manage (track, report on, correct) the security configuration of laptops, servers, and workstations using a rigorous configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings. (As delivered by manufacturers and resellers, the default configurations for operating systems and applications are normally geared to ease-of-deployment and ease-of-use—not security.)”
4. Continuous Vulnerability Assessment and Remediation
“Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, remediate, and minimize the window of opportunity for attackers.”
5. Controlled Use of Administrative Privileges
“The misuse of administrative privileges is a primary method for attackers to spread inside a target enterprise.” Provide processes and tools “to track/control/prevent/correct the use, assignment, and configuration of administrative privileges on computers, networks, and applications.”
Where Do We Go From Here?
To gain insight into the future of weaponized malware, and how your aging legacy software is particularly vulnerable, click back to the previous blog in the series, The Future? It’s Weaponized Malware.
For an even fuller picture of the cybersecurity landscape, check out our white paper: What to Do BEFORE All Hell Breaks Loose.