With the increase in cyber-attacks and a lack of basic security controls, organisations are more susceptible to cyber threats. Many organisations are vulnerable to cyber-attacks due to unpatched systems, poorly configured systems, slow detection and response, and ineffective account management systems, amongst others. It is therefore important to have basic best practices in place, also known as basic security hygiene, such as knowing what is connected to and running on your network, minimising vulnerabilities to reduce the attack surface, and hardening systems through secure configurations.
To help your organisation put basic security controls in place, the following elements should be considered:
- Vulnerability Management - It is important to implement robust vulnerability management, so that we can reduce the number of false positives. This can be done by profiling assets to run targeted scans for the specific types of devices and applications that are running.
- Vulnerability Prioritization - We need to prioritize which vulnerabilities to tackle first. We can do this by focusing on granular scoring and prioritization, so that we can allocate limited attention and resources to the vulnerabilities that matter most to our environment.
- Reporting - For secure configurations, it is important to have robust compliance reporting. The ability to quickly and accurately assess against commonly known standards in preparation for audits, or against internal policies, is key.
- Monitoring - Another common challenge is knowing what has changed in your environment and being able to detect when an incident or breach occurs. The ability to monitor and alert on those changes in real time, and to understand what those changes mean in the context of your environment, is critical.
- Remediation - Finally, automating remediation is a key component to achieving excellence in the essentials. No platform is an island, and the ability to integrate through workflows can help us respond to threats faster and more effectively.
Foundational controls may be basic security hygiene, but implementing them well is not always easy. It is a shared responsibility that requires the involvement of security, compliance and IT operations teams.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street