If you need to create a cyber defense system for your company, where do you start and what is most important in building a cyber defense system? The Center for Internet Security (CIS) – a 501(c)(3) nonprofit organization based in New York promoting cyber defense best practice solutions – provides a “must-do, do-first” list of 20 critical security controls.
So where do you start?
Adopt the 6 Basic Controls.
With these 6 controls, the majority of attacks can be blocked and you are starting off on the right foot towards a strong and encompassing security system for your enterprise.
Control 1: Inventory and Control of Hardware Assets
A comprehensive view of the devices on your network is the first step in reducing your organization’s attack surface. Use both active and passive asset discovery solutions on an ongoing basis to monitor your inventory and make sure all hardware is accounted for.
Control 2: Inventory and Control of Software Assets
Actively manage (inventory, track, and correct) all software on the network so that only authorized software is installed and can execute, and unauthorized and unmanaged software is found and prevented from installation or execution
Control 3: Continuous Vulnerability Management
Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, and to remediate and minimize the window of opportunity for attackers.
Control 4: Controlled Use of Administrative Privileges
Administrative credentials are a prime target for cybercriminals. Track, control, prevent, and correct the use, assignment, and configuration of administrative privileges on computers, networks, and applications.
Control 5: Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers
Establish, implement, and actively manage (track, report on, and correct) the security configuration of laptops, servers, and workstations using a rigorous configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings.
Control 6: Maintenance, Monitoring and Analysis of Audit Logs
Collect, manage, and analyze audit logs of events that could help detect, understand, or recover from an attack.
Once the 6 basic controls are in place, you can institute the foundational controls, and then implement the appropriate organizational controls.
With adopting just the first five controls, 85% of cyber attacks can be prevented. With adopting all 20 controls, more than 97% of cyber attacks will be prevented. The key to a strong cyber security system is to have these controls in place in an organized, useable manner, and be consistent with the workflow for each set of controls.
As attackers can come from many different situations and all around the globe specifically scanning for unprotected systems, it is critical to have these CIS controls in place for your enterprise immediately. It is important to note that “Bring Your Own Devices” (BYOD) are often targeted as security updates are often put off. It is certainly worthwhile for large, complex enterprises to practice strong cybersecurity risk management and implement all CIS controls in a timely, thorough, and well-integrated manner.