Basic Cyber Hygiene in Today’s Threat Landscape

Given the sheer number of security products on the market today, you’d think cyberattackers wouldn’t stand a chance. We have any number of boxes, blinking lights, and apps at our disposal that are supposed to protect us from just about every conceivable cyber malady. And yet nearly every day we hear about some unfortunate organization that’s ceasing operations because it can’t recover from a ransomware attack. This is usually due to a simple failure to maintain basic cyber hygiene within the organization.

Complicating matters is the new reality that bad guys are targeting entities they know a) are typically behind the curve in terms of cyber hygiene, and b) really don’t have the option of “going out of business” if recovery isn’t possible (read: they may have no choice but to pay the ransom). Municipal and county governments and school districts are on the front line here.

Granted, earlier this year more than 225 mayors of US cities pledged to not acquiesce to attackers’ demands in the event of a ransomware infection. However, when faced with the likelihood of being unable to provide essential services for an extended period, what can a city be reasonably expected to do? Pensacola is a recent, high-profile example of a municipality faced with this dilemma.

And yet, for every entity struggling with ransomware, there are many others that have not. Why is that the case? Is it just a matter of dumb luck, or is there some systemic difference that is driving the outcomes?

I posit that it is the latter. Just as the best sports teams and players work hard on fundamentals, so do the best organizations work hard on basic cyber hygiene. Now, these measures don’t need to be expensive, time-consuming, or inconvenient to implement. They should be treated as components of an overall risk-management strategy—not as “whack-a-mole” reactions to specific cyber threats—and should be embraced and promoted top-down by executive management (after all, cybersecurity is a business problem, not an IT problem). When that happens, an organization greatly reduces its likelihood of having a cyber incident.

There are some great vendor-neutral, objective references to help guide your organization’s cybersecurity efforts. These include the NIST Cybersecurity Framework and the Center for Internet Security (CIS) Critical Controls, among others. The cybersecurity concepts promoted by these guides are similar, and in terms of basic cyber hygiene, include:

  • Security awareness training and testing. Condition employees to be on the lookout for suspicious e-mail messages. When they know they’re being tested and that failure has consequences, security awareness tends to dramatically improve. Which is, of course, the outcome we want.
  • Limit account privileges. The privileges assigned to an employee’s account should include those necessary for his or her job role, but nothing more. If these credentials are stolen, extra privileges mean extra damage that can be inflicted by an attacker.
  • Use a password manager. The problem with passwords isn’t just that they might be weak, it’s that they also tend to be reused. When this happens, the likelihood of credential theft increases exponentially. Using a password manager allows your employees to maintain strong, unique passwords for every app and website on which they have an account.
  • Use multi-factor authentication everywhere. If an attacker steals your password, it no longer matters how long or complex it is. Coupling strong, unique passwords with multi-factor authentication is a surefire way to keep from being low-hanging fruit in the metaphorical attack orchard.
  • Prevent malicious DNS lookups. Before it can take hold, most ransomware requires the ability to resolve malicious DNS names. But by using technologies like Cisco Umbrella to remove this capability, an organization can dramatically stack the deck in its favor.
  • Deploy web and email security. Prevent onsite and remote users from communicating with malicious IP addresses or URLs. Sandbox all attachments to incoming e-mail messages and inspect all embedded hyperlinks. Perimeter security is still an important part of a good risk-management strategy.
  • Protect endpoints. Attackers have become adept at disguising malware to evade detection by antivirus software and other traditional mechanisms. But by protecting its workstations, servers, and mobile devices with a good Endpoint Detection and Response (EDR) app, an organization can keep malware in check and proactively hunt for threats within its environment.
  • Patch operating systems and apps. Many variants of ransomware spread by exploiting vulnerabilities for which patches are already available. By keeping systems and apps up-to-date, an organization can severely inhibit ransomware’s ability to take hold and spread.

For some organizations, implementing these basic controls in-house may be a tall order given budgetary requirements and the capabilities of the IT staff. But in today’s cyber threat landscape, they are critical.

To learn how Corsica Technologies’ managed security services can make it easy for your organization to improve its cyber hygiene, reach out to us at service@corsicatech.com or call (877) 659-2261.

Ross is the CISO at Corsica Technologies. He has achieved CCIE Security and CISSP certifications, an MBA from the University of Notre Dame, and has 20 years of experience in the fields of computer and network security engineering and consulting. Ross provides virtual CISO services for our Symplexity Secure clients and helps them to identify information security risks and implement administrative, procedural, and technical controls to mitigate them. He works effectively with both technical and managerial personnel and is a trusted resource for our clients.
