The Ten Cybersecurity Commandments

Cybersecurity Awareness Month is, once again, upon us. At its core is an issue that can have a massive impact on organizations in every industry, public and private, large and small: successful cyberattacks and how to prevent them from happening in the first place.

As an industry, we’ve evolved to address the challenges that today’s cyberthreat landscape presents, with both tactics and technology. We’ve not yet surmounted the challenges, but there are innovative minds in garages and boardrooms across the country trying to do just that. In the meantime, there are fundamentals that have stood the test of time and can help prevent successful cyber breaches from occurring despite the pace at which the landscape shifts.

To help ensure a solid foundation of protection from cyberattacks, I offer you The Ten Cybersecurity Commandments – the most important and fundamental practices to help ensure successful cyberattacks are avoided, business productivity is left undisrupted, and customers continue to place their trust in your brand.

1. Ensure that systems, applications and users are patched. The importance of applying the latest security patches cannot be overstated. Attackers will always attempt the easiest route to break into an organization, which is often an unpatched system. As for employees, make sure ongoing user training is implemented, and ensure that strong password policies are in place, along with multi-factor authentication requirements.

2. Share preventions natively. The best chance of preventing cyberattacks and defeating adversaries is when effective security controls on the network, endpoint and cloud operate together as parts of a single platform. This means security teams won’t have to manage and orchestrate separate policies, enforcement, visibility and threat intelligence. Each element can gain leverage from the other so that what’s discovered on the endpoint, for instance, can automatically be prevented on the network and in the cloud, without manual intervention.

3. Implement a consistent security model, regardless of user location or device type. When there is consistency of prevention across all locations, attackers lack the ability to gain an initial foothold in a less protected area and pivot to other parts of the organization. Whether it is a remote user or system, the core data center or perimeter, a cloud-based service or a SaaS-based application, you must ensure there are no gaps in security posture. Consider extending the perimeter to remote users and networks in the same way that you would if they were on the core network.

4. Practice the principle of least privilege. Segmentation is a requirement, and micro-segmentation is fast becoming one. No user and no system needs to talk to everything. There should be no default trust for any entity, regardless of what it is or where it is. By establishing Zero Trust boundaries that compartmentalize different segments of the network, organizations can protect data from unauthorized apps or users, reduce the exposure of vulnerable systems, and prevent the lateral movement of malware throughout the network.

5. Embrace advanced endpoint methodologies. Ensure that endpoint protection can share threat intelligence seamlessly across the network and endpoint, and prevent known and unknown malware on the endpoint itself. Endpoint technology should be able to identify and prevent exploits without any prior knowledge; otherwise, it can’t effectively protect your organization.

6. Make safe application enablement a requirement. Security teams must be able to determine the exact identity of applications traversing the network, irrespective of port, protocol, evasive tactic or encryption (TLS/SSL or SSH), and apply safe application enablement policies based on business needs.

7. Gain leverage from threat intelligence. Controls and preventions are only as good as their visibility into known and unknown threats, and their ability to instrument security infrastructure that blocks what’s discovered. If your security technology is constantly learning, whether through discrete observables like new malware samples or machine learning, it should have a wide enough data set to know what is good and what is bad, and tie all of that back across network, endpoint and cloud to implement new prevention measures.

8. Understand your threat environment. Depending on your organization, there is a certain set of malicious playbooks that will be run against you by cyber adversaries, using specific tools and techniques. If you understand what threats are most likely to impact you, your industry peers and the global landscape, you can proactively use that data to better architect new prevention controls to block the successful execution of these playbooks.

9. Aim for efficient consumption of new security technologies. Deploying and orchestrating siloed capabilities from multiple vendors is a struggle and could leave your organization exposed. To ensure effective prevention of cyberattacks, decreased costs and operational burden, consider adopting new security functionality that can operate as an extension of the infrastructure you already own and operate – ideally delivered from the cloud.

10. Think holistically about your prevention philosophy. Ensure that all of the decisions and investments made map back to a philosophy that strives to prevent successful cyberattacks, with the ultimate goal of making your organization safer and protecting our way of life in the digital age.
