"From my own experiences as a CISO, many companies wrongly assume that they have already invested in foundational controls either because they have been in business for a long time or because they have a (supposedly) mature IT function. Regardless of company size or operating time, if you ignore the basics, your foundations will shake." –Amar Singh

This clearly makes sense, but with the explosion in security awareness and companies striving to protect their critical assets, these basic controls are often forgotten. Not intentionally, of course, but it's understandable, if not negligent, that they're looking to quickly protect and secure their data and systems, as many companies are regulated and subject to compliance requirements. They need to show they're investing in security.

Tripwire can map the top five CSC down to four cybersecurity pillars. Are you applying these basic pillars of security?

CSC 1: Inventory of Authorized and Unauthorized Devices.
CSC 2: Inventory of Authorized and Unauthorized Software.
Discovery: Actively manage (inventory, track, and correct) all hardware devices on the network and create a list of authorized software (and their versions) that are required in the enterprise for each type of system, including servers, workstations, and laptops.

CSC 3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers.
Best Practices: Establish standard secure configurations of your operating systems and software applications. Standardized images should represent hardened versions of the underlying operating system and the applications installed on the system. These images should be validated and refreshed on a regular basis to update their security configuration in light of recent vulnerabilities and attack vectors.

CSC 4: Continuous Vulnerability Assessment and Remediation.
Risk Assessment: Do you run automated vulnerability scanning tools against all systems on the network on a weekly or more frequent basis? Do you deliver prioritized lists of the most critical vulnerabilities to each responsible system administrator along with risk scores that compare the effectiveness of system administrators and departments in reducing risk? If not, you're at risk.

CSC 5: Controlled Use of Administrative Privileges.
Monitoring: Do you leverage all available logs to detect, assess, and monitor what's taking place inside your network and on your devices? Do you know what's taking place on your critical infrastructure 24/7?

In summary, the key to dealing with risk is to remember that foundational controls still apply regardless of scale. Know what's on your network, understand how it's vulnerable, keep it patched, keep it securely configured, and monitor it for suspicious activity. Quite simply, when you do the easy things well, the hard things will be easier.

To learn more about how to use the top five CSC and other foundational controls to strengthen your company, please join Amar Singh, CEO & Founder of Cyber Management Alliance, and me for our webinar entitled "Designing the Foundations of a Secure Organization." You can attend our presentation by signing up here.