Exploring the top four most effective cyber security strategies – Part 1

Initiatives such as the SANS Consensus Audit Guidelines and the UK CPNI Top 20 Critical Security Controls have attempted to standardize IT and cyber security efforts around 20 strategies proven to mitigate the most common and damaging types of attack. These represent a significant improvement over previous attempts but there remain challenges around adoption and prioritization.

In November 2012 the Australian Department of Defence published a paper in which they stated “At least 85% of the intrusions that DSD responded to in 2011 involved adversaries using unsophisticated techniques that would have been mitigated by implementing the top four mitigation strategies as a package.” This is a significant discovery since it narrows the focus from 20 required mitigation strategies for cyber security to just four:

  1. Application whitelisting
  2. Effective OS patching
  3. Effective application updates
  4. Restricting of administrative privileges

For more background on this DoD paper I encourage you to read my USA Today article Four simple steps to protect the US from hackers.

Digging deeper

Over this series of three articles I’ll be exploring the four mitigations and explaining how they combine to form an effective cyber security defence strategy. I’ll start in this article with Application Whitelisting.

Mitigation 1: Application Whitelisting

An application whitelist is a register of applications that are approved to run on a computer system. Unless an application is explicitly listed it will not be permitted to run. This is the opposite of a blacklist where all applications may run except for those explicitly listed.

Application whitelisting greatly reduces the risk of malware and other unauthorized software by mandating that only approved applications will run. Implementing whitelisting on personal computers and other vulnerable devices makes it difficult for malware to get a foothold within the organisation and greatly reduces its opportunity to spread. Enterprise system management frameworks such as Microsoft System Center Configuration Manager incorporate application whitelisting capabilities as standard.

A frequent criticism of application whitelisting is that it is inflexible for the end-user and places a significant management overhead on systems administrators. These issues can be mitigated by implementing whitelisting in conjunction with an enterprise app store for self-service software provisioning. This empowers end-users and automates the process of software delivery, reducing management overhead.
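The default-deny behaviour of a whitelist, the default-allow behaviour of a blacklist, and the management overhead when an approved application is updated can be seen side by side in the following added example, which is not from the original article or any 1E or Microsoft product. It assumes an application is identified by the SHA-256 hash of its file contents; the byte strings and the `approve` step are constructed and hypothetical.

```python
import hashlib

def digest(data: bytes) -> str:
    """SHA-256 of a file's contents, used here as the application's identity."""
    return hashlib.sha256(data).hexdigest()

# Constructed byte strings standing in for executable file contents.
APPROVED_V1 = b"constructed sample: approved editor, build 1"
APPROVED_V2 = b"constructed sample: approved editor, build 2 (patched)"
KNOWN_BAD = b"constructed sample: known unwanted program"
REPACKED_BAD = KNOWN_BAD + b" [repacked]"  # same program, different bytes

def whitelist_allows(register: set, data: bytes) -> bool:
    """Default deny: the application runs only if it is explicitly listed."""
    return digest(data) in register

def blacklist_allows(register: set, data: bytes) -> bool:
    """Default allow: the application runs unless it is explicitly listed."""
    return digest(data) not in register

def approve(register: set, data: bytes) -> None:
    """Hypothetical provisioning step: add a vetted build to the whitelist."""
    register.add(digest(data))

def evaluate():
    """Return each sample's (whitelist, blacklist) verdict, then the
    whitelist verdicts again after the patched build has been approved."""
    whitelist = {digest(APPROVED_V1)}
    blacklist = {digest(KNOWN_BAD)}
    samples = {"approved_v1": APPROVED_V1, "approved_v2": APPROVED_V2,
               "known_bad": KNOWN_BAD, "repacked_bad": REPACKED_BAD}
    before = {n: (whitelist_allows(whitelist, d), blacklist_allows(blacklist, d))
              for n, d in samples.items()}
    approve(whitelist, APPROVED_V2)  # the update is vetted and listed
    after = {n: whitelist_allows(whitelist, d) for n, d in samples.items()}
    return before, after

if __name__ == "__main__":
    before, after = evaluate()
    for name, (wl, bl) in before.items():
        print(f"{name:13} whitelist={wl!s:5} blacklist={bl!s:5} "
              f"whitelist_after_approval={after[name]}")
```

The repacked sample passes the blacklist because its hash is not listed, while the whitelist blocks it by default; the patched build of the approved editor is also blocked until someone lists it, which is the overhead that self-service provisioning is meant to absorb.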

In the next article I will be exploring how effective OS patching and application updates are the key to good IT security (click here to read Part 2).

Geoff Collins | VP Technology

To discuss the issues surrounding cyber security mitigation strategies, or other industry challenges, contact us at info@1e.com, or join our LinkedIn forum, 1E INSIDEV1EW.

This entry was posted in Insidev1ew, IT Security by Geoff Collins.

About Geoff Collins

Geoff Collins is Vice President of Product Management at 1E, and leads the Product Management team. As part of the 1E team since 2005, Geoff has held a number of roles within the company, initially as a Solutions Engineer across the full gamut of 1E software, then became a Product Manager, before later being appointed Head of Product Management, leading a team of five Product Managers responsible for a suite of five products. He became VP Technology in early 2013. Geoff's role as VP of Product Management is focused on realizing the strategic roadmap for the company. He is passionate about ensuring that 1E continues to delight its customers with best-in-class software solutions, and maintains its position at the cutting edge of IT Efficiency. Away from the office, Geoff is an enthusiastic sailor and has a boat called Jendor, which is moored on the River Hamble on the south coast of the UK.
