With cyber security breaches hitting the headlines on a frequent basis these days, it’s hardly surprising that security and privacy ranked 2nd in the top 10 IT management issues for 2016 in the most recent Society for Information Management (SIM) annual survey.
While there’s no doubt that cyber hackers are getting more innovative in their approach, the Australian Signals Directorate estimated that 85% of the targeted cyber intrusions it responds to could be prevented by just four strategies.
So what are these strategies, and how do they help mitigate risk?
1. Operating System (OS) Patching
Patches and updates are regularly released to address issues that have been found in an operating system, including security and critical updates which (as suggested by the name) should be applied swiftly. Once an update is released, the details of the identified vulnerability are also made public, which means hackers can quickly develop malware to specifically target these weaknesses. The longer it takes for an update to be applied across all of your devices, the greater the risk of falling victim to an attack.
2. Application Patching
In addition to OS patches, software vendors also regularly release patches for their applications as issues are discovered. Again, these can include fixes to vulnerabilities and security risks, and so should also be applied as soon as possible.
3. Administrator Privileges
Users who have administrative privileges are able to bypass critical security settings and access sensitive information. It is hardly surprising, then, that cyber-attacks often target users with admin rights on their devices in order to access this information (for example in “pass-the-hash” attacks). To protect against these types of attacks, you need to make sure that only essential users have administrator privileges.
4. Application Whitelisting
By creating a register of applications that are authorized to run on a computer system, application whitelisting provides a powerful defense against the execution of malicious and other unapproved software. Unless an application is explicitly listed, it is not permitted to run. This is the opposite of a blacklist, where all applications can run except those listed in the register.
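The difference between the two registers shows up most clearly for software that appears in neither of them. The following added example (not part of the original article, and not how any particular product works) assumes the register identifies applications by the SHA-256 hash of their file contents, and audits a constructed directory of sample files under both models:

```python
import hashlib
import tempfile
from pathlib import Path

def file_sha256(path):
    """SHA-256 of a file's contents, read in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_register(directory):
    """Hash every file under a directory into a register (a set of hashes)."""
    return {file_sha256(p) for p in Path(directory).rglob("*") if p.is_file()}

def whitelist_allows(path, register):
    """Default deny: run only if explicitly listed."""
    return file_sha256(path) in register

def blacklist_allows(path, register):
    """Default allow: run unless listed."""
    return file_sha256(path) not in register

def audit(target_dir, whitelist, blacklist):
    """Map each file name to (allowed by whitelist, allowed by blacklist)."""
    files = sorted(p for p in Path(target_dir).rglob("*") if p.is_file())
    return {p.name: (whitelist_allows(p, whitelist), blacklist_allows(p, blacklist))
            for p in files}

def demo():
    """Audit a constructed 'host' directory; byte strings stand in for executables."""
    with tempfile.TemporaryDirectory() as tmp:
        approved, known_bad, host = (Path(tmp) / d for d in ("approved", "known_bad", "host"))
        for d in (approved, known_bad, host):
            d.mkdir()
        editor, badtool = b"constructed: approved editor", b"constructed: unwanted tool"
        (approved / "editor.exe").write_bytes(editor)
        (known_bad / "badtool.exe").write_bytes(badtool)
        (host / "editor.exe").write_bytes(editor)
        (host / "badtool.exe").write_bytes(badtool)
        (host / "editor_modified.exe").write_bytes(editor + b" plus altered bytes")
        (host / "new_tool.exe").write_bytes(b"constructed: never seen before")
        return audit(host, build_register(approved), build_register(known_bad))

if __name__ == "__main__":
    for name, (wl, bl) in demo().items():
        print(f"{name:20} whitelist={'run' if wl else 'BLOCK':5} blacklist={'run' if bl else 'BLOCK'}")
```

Running the audit in report-only form like this before enforcing a whitelist shows which files on a device would be blocked, including a modified copy of an approved application whose hash no longer matches.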
So how do you fare against these four controls? Are all of your devices up to date with OS and application patches? How many people have administrator privileges? Do you have an effective whitelisting policy in place?
Our free Software Intelligence tool can answer these questions and more. The Security Risk dashboard addresses each of these four controls to assess vulnerabilities in your organization and your overall exposure to risk.