3 Vital Signs of Cyber Defense

By Nikhil_23IOix5G — In Cyber Security — November 20, 2021

When it comes to cyber-attacks, every organization is constantly vulnerable. How do we check if our cyber defenses are in order? One way is to look for vital signs. This blog explores 3 vital signs for Cyber Defense. Like vital signs in medicine, which indicate the condition of the human body, the vital signs of “Cyber Hygiene”, “Anti-Malware”, and “Patching” indicate the security posture of an organization.

Cybersecurity involves a lot of steps, but following the steps for “Cyber Hygiene”, “Anti-Malware”, and “Patching” indicates that the organization takes cybersecurity seriously. These three practices are the “vital signs” of Cyber Defense.

“Cyber Hygiene” relates to people and their interaction with cyber assets and other people. Organizations have policies that serve as a guideline for people and their use of IT systems. Adhering to these policies provides a layer of defense to organizational and individual information and information systems. In the absence of policies relating to cyber hygiene, individuals should be constantly aware of the information they are working with and its value. PII (Personally Identifiable Information) is an important category of information that needs to be handled with the utmost care. Incorrect handling of PII can result in penalties and legal consequences for organizations and individuals concerned.

The following are some examples of practicing cyber hygiene. A clean desk is the first and most basic principle: it makes sure a person isn’t leaving any information scribbled on a piece of paper for everyone to find (especially passwords!), and it also makes the workplace look neat and tidy. Another thing to keep in mind is to lock the system whenever you move away from your desk, even if it is just to get a cup of coffee or to step away for a second to collect a printout from the printer. A momentary lapse in judgement could lead to exposure of your information or data loss. Using the same password for different accounts and for a long period of time is NOT a good habit. The leak of that password could lead to the exposure of all the accounts, and that is not a pretty scenario! Using a password manager to help create and store complex passwords is encouraged. Be cautious when communicating: do not click on links from unknown senders, and examine the sender’s email address to verify the legitimacy of the email. These practices help avoid phishing attacks. If you receive suspicious emails, calls or texts, please report them. Reporting helps collect intelligence and tackle cybercriminals collaboratively! Not disclosing the PII of customers, colleagues, friends, family, and self online, over social media or by phone is an indication of cyber hygiene.

Anti-Malware (and antivirus) running on organizational and individual systems is an important indication of the organization’s cyber defense strategy. Keeping these protections up to date is considered a best practice! Malware is software that is intentionally designed to cause damage to a computer, server, client, or computer network. Anti-Malware performs several functions, including scanning for legitimate operations, file access and downloads. An Anti-Malware program combats malware in two ways. It can provide real-time protection against the installation of malware on a computer; here it works as antivirus protection by scanning all incoming network data for malware. Or it can be used solely for detection and removal of malware that has already been installed on the computer; here the scanner scans the contents of the registry, operating system files, and installed programs on the computer. In the event that the Anti-Malware is unable to fix the problem, it is imperative to manually isolate the infected computer from the rest of the network by physically disconnecting it. This is often called creating an “Air Gap”. It prevents the infected computer from infecting other systems on the network or other networks.

“Patching” is the practice of updating software without installing the whole system or application. Software vendors continually update their products to fix bugs and vulnerabilities. These fixes are provided as “patches”. Installing these fixes or patches enhances the protection levels in the system. Routinely checking for vendor updates and applying them in a timely manner is a vital sign of the organization’s cyber defense.

An example of “patching” preventing a major data breach in an organization is the case of the “PrintNightmare” Print Spooler vulnerability (CVE-2021-34527) in Microsoft Windows Server. Microsoft (the vendor) provided a patch. Organizations that installed the patch prevented attacks that exploited this vulnerability. Thus, patching refers to mending a vulnerability in software until a new release of the software becomes available. Patching is a great way to seal up vulnerabilities before a major software update can be deployed. Software comes and goes, but patches are forever!

At Sam Analytic Solutions we empower users in client organizations by providing cybersecurity services that are aligned with client business goals and functions.
