Cyber hygiene is a very important concept when it comes to protecting an organization’s assets. Assets can be anything that belongs to an organization, including computers and data. Cyber hygiene is a collection of actions that security practitioners can take to ensure that their organization is cyber secure. However, cyber hygiene is not a practice that should only be conducted by security practitioners. End users, who are always interacting with the computers and data, should take some level of responsibility for the cyber hygiene of their company, and beyond.
To that point, when your cybersecurity or IT departments require cybersecurity training, that is one thing that they are doing to ensure good cyber hygiene. When end users know the proper steps to take when an actual phishing email comes in, and they know this because they have done their cybersecurity training and absorbed the content, both the practitioner and the end user have taken a step towards good cyber hygiene. However, it does not end there for the end user. With more and more employees working from home, integrating personal devices with work, and connecting work devices to their home networks, taking your cyber hygiene home has never been more important.
Doing your best to avoid connecting to suspicious wireless access points, downloading malicious software, and visiting phishing sites are a few things you can do to keep your cyber hygiene clean at home.
Things can start getting a little more technical, and sometimes even more exciting, as we continue down the path to good cyber hygiene. Having a firm grasp on the threat landscape, especially as it pertains to your organization, is a great start to help feed information to your vulnerability assessment, incident response and SOC teams, so that they may do their part.
Vulnerability assessments – These assessments allow your organization to know if any applications that are being used within the environment have security holes. Any vulnerabilities that are found can then be prioritized to be patched, either by a fix from the vendor of the software, or at a minimum a security measure that can be put in place until the official fix comes out.
SOC/threat hunting – These actions can help find attackers that may have gotten into your environment. Finding them, determining how they got in, and finally eradicating them and closing the hole that they got in through are other important actions.
Incident response – After an incident occurs, there is a great opportunity to learn from how the attackers were able to get in and take actions on their objectives. Knowing how adversaries operated in your environment can help clean up any issues that you may have, which will harden your cyber hygiene.
These are just some things you can do to ensure your cyber hygiene is up to par. The great thing is, everyone can participate in ensuring their organization’s cyber hygiene is good, and can even take that information home with them to keep their personal cyber hygiene pristine.
By Charlie Donat, Sr. Security Engineer