Microsoft’s latest Digital Defense Report warns that there are no shortcuts to preventing cyber attacks. Every company’s best hope is a consistent and disciplined approach to cyber defense.
The findings released last November 10, suggests that “enterprises must apply security best practices consistently and aggressively to their networks, with the goal of mitigating classes of attacks. Due to human decision-making, these ransomware attacks can generate multiple, seemingly disparate security product alerts which can easily get lost or not responded to in time.”
Furthermore, the report stresses that “98 percent of cyber attacks can be thwarted by basic hygiene, including the adoption of a zero-trust security architecture, patching critical applications fast, and protecting data.”
In light of the urgency of these findings, we’re summarizing the report’s recommendations in a 10-Point Cybersecurity Hygiene Checklist to ensure your company’s data and tech are always secure and to understand why these are essential to the ongoing success of any business.
1. Privileged Access Audit
Successful attacks are often the result of long-running campaigns involving compromise of identity systems, like Active Directory (AD), that allow human operators to steal credentials, access systems, and remain persistent in the network.
Proper administrative credential segregation and least privilege access principles via dedicated workstations during the management of their critical identity and high value assets, such as proprietary systems and business-critical applications must be regularly audited and updated.
2. Active Directory Updates
Weak identity controls has become a common attack vector as attackers exploit misconfigurations and weaker security postures in critical identity systems to gain broader access and impact to businesses.
An Active Directory Identity Protection spots malicious email and compromised identity activity and provides still more information through compromised identity event alerts.
3. Vulnerability And Penetration Testing
There are a number of ways to do vulnerability and penetration testing depending on your infrastructure and current security posture. In general, vulnerability assessment is systematically discovering and analyzing vulnerabilities while penetration testing is the process of exploiting those vulnerabilities to help determine the best mitigation strategy.
4. IoT Security Testing
Technology has automated our productivity to such a degree that it paved the way for exponential growth, but it’s not without risks. IoT is opening up a diverse set of emerging vulnerabilities and it’s essential that we diagnose our infrastructure for security gaps daily to help prevent any malicious attacks caused by exploiting vulnerabilities.
5. Software Updates
Technology changes fast, with new vulnerabilities and more sophisticated attack vectors cropping up every day. So it’s imperative that you perform regular software updates, if not, company and customer data may be at risk. A good rule of thumb is to check your software for updates one to two times a week.
6. Malware And Web Proxy Scans
Implement a system to identify and track bot infrastructure and generate notifications for active internet providers, taking into account specific laws in various countries. Anti-phishing, SQL injection scans and anti-spam checkups are a close second as the next layer of cybersecurity protection companies should conduct daily. Coordinated operations that go beyond anti-malware solutions such as creative engineering, sharing of information, innovative legal theories, and public and private partnerships.
7. Phishing Simulations
Businesses can perform many different types of checkups, but a crucial yet often ignored one is a phishing simulation within the organization. 85 percent of data breaches are caused by human error and employees often, unwittingly, make mistakes that compromise security. A phishing simulation identifies employees who may be susceptible to phishing attacks and provides training on how to avoid them.
Zero Trust architecture requires consistent enforcement of policies to ensure compliance among users and devices and prevent them from compromising security. It requires that the organization know all of their service and privileged accounts, and control what and where they connect. Reliance on passwords and identity verification simply won’t suffice, because threats and user attributes are all subject to change. As a result, organizations must ensure that access requests are continuously vetted.
9. Patch Management
Vulnerability management is a much broader strategy of a patch management plan that includes discovering, prioritizing and resolving the security vulnerabilities of network assets. Patch management addresses the identified risks by upgrading software to the most recent version or by temporarily patching it to remove a vulnerability until the software vendor releases an upgrade that contains the fix. Having a plan helps prevent common system failures like incompatible hardware issues with a patch, or a patch that installs well but breaks something else.
10. Attack Surface Reduction
Attack Surface Reduction (ASR) rules target certain software behaviors, such as: Launching executable files and scripts that attempt to download or run files. Running obfuscated or otherwise suspicious scripts. Performing behaviors that apps don’t usually initiate during normal day-to-day work. Regular checkups against common threats can not only reduce alert volume, but also stop many attackers before they get access to networks.
ALL your systems Patched, Updated and Protected — Always
Vulnerabilities are the easiest way for hackers to gain entry into critical systems. And with thousands of new vulnerabilities discovered, it’s increasingly difficult to focus on the ones that really matter. For example, out of the 800 newly identified vulnerabilities today, which ones need your urgent attention? Can you be proactive or automate patch management?
UDT follows a programmatic, yet adjustable delivery approach that is adaptable to your in-house activities and constantly changing environment. It’s a flexible service design that allows us to adapt the solution to your current resources, processes, and policies as they change over time.
Confidently demonstrate to your organization’s stakeholders that ALL your systems are secure and up-to-date.