Clean up to stay safe

Improving cyber hygiene will help organisations repel attackers in the first place and reduce the harm caused by those who do get through.

We all know the importance of good hygiene in our personal lives – it’s what keeps us healthy, resilient, and presentable. Why is it, then, that we don’t always apply the same principles in the workplace? High standards of cyber hygiene can make a huge difference as organisations try to protect themselves from the growing threat of cyber attack.

Cyber hygiene is about getting the basics right – making it as difficult as possible for attackers to penetrate the organisation and to remain undetected. Think of it in the same way as protecting a home from intruders, where improving security is a matter of identifying potential weak points that might allow entry, taking action to strengthen those areas, and installing systems that sound the alert if security is breached.

Organisations need to do the same, starting with much better mapping of their IT assets. In an era where more people are working remotely, where IT infrastructure is becoming more complex, and where digital transformation means many operational assets are now online and connected, many organisations do not have visibility where their systems begin and end.

Inevitably, this creates vulnerability. If an organisation has not identified all its assets and endpoints, it cannot know whether any of them might provide attackers with a potential opening, let alone begin to mitigate such risk. Mapping the IT inventory, including shadow IT assets such as connected operational technologies, is therefore a vital step in improving cyber hygiene.

Inventory discovery and management solutions such as Tanium’s endpoint security platform can prove invaluable in this regard. They provide a means through which organisations can very quickly identify each of their endpoints, and keep that inventory up-to-date as it evolves over time. Such platforms can also be used to pinpoint and resolve any weaknesses these endpoints may bring.

In addition to securing a far more accurate picture of their IT assets, organisations also need to think more clearly about how to manage those assets from a cyber security perspective. They need clear security policies – and management processes that put those policies into practical action.

These are the policies and processes that protect and defend the organisation from attack. For example, they set out agreed principles for risk mitigation; for example, an action plan when a vulnerability is identified could encompass applying a patch or isolating the asset until the issue has been resolved. They cover areas such as employee awareness and behaviours, with practices designed to embed good cyber hygiene in the organisation’s culture. And they span basic principles such as password and authentication practices.

It's important to align these policies and practices with the organisation’s structure and the way in which it operates. If one part of the organisation – a business function or unit, say – stands apart, the whole organisation will be more vulnerable to attack.

Not recognising that imperative is a common failing. Too many organisations approach these issues on an ad hoc basis, rather than applying the same standards universally. The result is that problems fall through the gap.

Shifting to a homogenous approach is therefore vital to improving cyber hygiene. To present a united front against attackers, every part of the organisation must apply the same policies and protections.

By improving cyber hygiene in this way, organisations will substantially reduce the risk of falling victim to a successful attack. But crucially, where a breach does occur, they will also be in a better position to spot it quickly and to respond. With the increased visibility that improved inventory management tools deliver, such breaches should not go undetected.

Indeed, it is difficult to overstate the importance of speed of response: time is of the essence. The sooner an attacker can be repelled, the less chance there is of them doing significant damage – this is how the impact on the organisation will be reduced.

In other words, good cyber hygiene will keep more attackers out and reduce the problems caused by those who do get in. It’s time for all organisations to clean up their act.