Summary
Last month, nGuard released a security advisory detailing the latest version (v8) of the Center for Internet Security (CIS) Critical Security Controls. In this version of the controls, CIS consolidated the original 20 controls into 18 with a major focus on many modern practices such as work-from-home, cloud computing, and increased mobility. In the previous security advisory, we discussed the first 6 controls. In this advisory, we will cover the next 6.
Controls
Control 7: Continuous Vulnerability Management
New vulnerabilities in widely used software and operating systems are disclosed daily. It is essential for organizations to stay on top of these rising threats. Scanning your network infrastructure for new vulnerabilities will ensure that systems are patched against known threats. nGuard recommends scanning infrastructure on a monthly basis.
Control 8: Audit Log Management
It is essential for organizations to collect, alert, review, and retain audit logs of events that could help detect, understand, or recover from an attack. nGuard often responds to security incidents where organizations do not have the proper log management solution in place to better understand how an attacker was able to compromise systems on the network. This type of data is critical when responding to a security incident.
Control 9: Email and Web Browser Protections
Social engineering has quickly become the number 1 threat for organizations. Employees are often described as the weakest link in the security landscape because they can quickly provide an attacker access to the network with little effort. Organizations should assist their employees by improving protections and detections of threats from email and web vectors.
Control 10: Malware Defenses
A majority of organizations will experience a security incident at some point. Making life difficult for an attacker may prevent a small incident from turning into a major one. Having malware defenses like antivirus and intrusion prevention systems deployed across the network can prevent or control the installation, spread, and execution of malicious applications, code, or scripts. Malware defense solutions are the number 1 preventer of ransomware.
Control 11: Data Recovery
Ransomware has become a serious threat for organizations. Attackers are gaining network access through the external perimeter or social engineering and deploying ransomware across the internal network while demanding payment for the decryption keys. Paying the ransom should be the nuclear option. Data shows that companies rarely recover all of their data with the decryption tools provided by an attacker. Recovering from backups remains the best option for getting back online.
Control 12: Network Infrastructure Management
It’s important to know who and what is sitting on your corporate network. Keeping a list of devices and services will play a key part in making sure everything is up to date and managed properly. Establishing and actively managing a list of networked devices will prevent attackers from exploiting vulnerable network services and access points.
Next Steps
nGuard offers a wide variety of services that will assist your organization on its path to implementing these critical security controls. Our Strategic Security Assessment allows your organization’s key players the opportunity to sit down with a security consultant who knows these controls like the back of their hand. Not only will they help you strengthen the controls that are already in place, they will make recommendations for the areas in which your organization falls short. Services like nGuard’s vulnerability management and security awareness training will lead your organization down the path to full implementation of these critical controls.