While organizations around the world are rightly focused on the COVID-19 pandemic, the work of cybersecurity must continue. In fact, attackers often increase their efforts to breach networks and systems during times of trouble, counting on the chaos as a useful distraction. In such times, the best cybersecurity practices should actually refocus on the most basic, but still the most useful, steps — what we call security hygiene.

Cybersecurity hygiene includes the basic best practices that help protect you against many different types of attacks and attackers. For example, you should:

  • Make sure that all systems are properly patched and current.
  • Make sure that all endpoints have up-to-date malware and antivirus protection.
  • Make sure only the necessary firewall ports are open.

Strengthening Your Security Posture

In IT security, the worst threats often come from devices corrupted with computer viruses such as Trojans, malware or worms.

Many malicious IT viruses are designed to spread to nearby nodes on the network or to hijack normal communication mechanisms to spread their payload. The NotPetya worm, which brought down huge corporate networks for days after spreading as an accounting software update from a compromised machine in the Ukraine, is a case in point of this behavior. For this reason, in IT security, proper and timely defense against known threats is one of the more potent forms of cybersecurity.

With security monitoring — and breach-and-attack simulation platforms more specifically — it is possible to probe the defenses of an organization without performing an attack or test on a production system. This method can provide an objective view of the state of the security posture of that organization and inform recommended defenses against vulnerabilities that the organization’s security and technology systems are not properly configured to defend.

Informed cybersecurity experts can look at a breach, understand the environmental factors, categorize the potential risks and vectors, and prescribe actions. The newer simulation systems can also work with human experts to more effectively prioritize security solutions based on severity of the specific risk to the particular organization. This means business risks can be prioritized on equal footing with more classic risk-rating structures that only account for cyber risks and their relative severity.

Such a view can be deemed objective because the simulation can programmatically run through thousands of known playbook attacks many times per day. The remedy, in this case, consists of recommended changes to configurations and controls that have left the organization exposed to attacks. Again, this is not rocket science or some fancy new product category; it is security hygiene, pure and simple. The best defense is to make sure that security controls are optimized for your current technology attack surface.

Early Detection Is Crucial

In cybersecurity, early malware/virus detection is absolutely crucial. This allows an organization to better map the threat to their environment and plot a response. The earlier a malware or virus is detected, the less chance it has to spread horizontally through the organization’s IT infrastructure.

For example, what if your security monitoring and management tool recognizes that you are sending traffic to an IP address belonging to a bad actor? Then you have a strong indication that there is an infection somewhere in your environment. Security monitoring is practical and effective because it can spot obvious symptoms that almost always indicate something is wrong.

You Don’t Have to Do It Alone

Cybersecurity experts in digital forensics and incident response or management can quickly build a complete picture of most security problems, diagnose the root cause and propose a variety of solutions, including incident response and remediation. It is best to move quickly so as to minimize disruption and keep the cost of security breaches down.

For example, if a security breach is not detected and addressed quickly, then the attackers can spend more time poking around in your systems and steal sensitive business data. While your in-house team may be good enough for this, during a major breach it is almost always helpful to consult with third parties to get their take on the best way to fix a problem and move forward.

A good way to enforce cybersecurity is to ensure each engagement has a tight scope. Another is to have a dedicated third-party resource consultant that your team can turn to for advice and guidance. Ideally, you will also have access to experts who are familiar with your ongoing cyber hygiene approach and feel comfortable operating with your existing set of tools and controls.

Rarely is buying a new security control the answer to your problems. Almost always, it’s putting in place systems and procedures that better utilize the security controls you have and establish better internal management processes and cultural awareness of potential risks.

Security Hygiene Is a Combination of People, Process and the Right Technology

The good news is that it’s never too late (or too early) to practice effective IT security hygiene. Chief information security officers (CISOs) need to reinforce and reteach that connecting insecure, unhygienic home-based machines to your corporate network is highly risky behavior that can result in an infection or a breach.

For technologies to more effectively protect your company and detect threats, simple, low-to-the-ground mechanisms work best and are the simplest to maintain and run. For expert help, bring in a specialist to ensure that your incident response and remediation are running well or to give you an annual security audit with a pair of fresh eyes. Keeping your IT infrastructure secure need not be complicated — but it does require effort, the right technology and expertise.

Learn More


More from CISO

Bringing threat intelligence and adversary insights to the forefront: X-Force Research Hub

3 min read - Today defenders are dealing with both a threat landscape that’s constantly changing and attacks that have stood the test of time. Innovation and best practices co-exist in the criminal world, and one mustn’t distract us from the other. IBM X-Force is continuously observing new attack vectors and novel malware in the wild, as adversaries seek to evade detection innovations. But we also know that tried and true tactics — from phishing and exploiting known vulnerabilities to using compromised credentials and…

What’s new in the 2023 Cost of a Data Breach report

3 min read - Data breach costs continue to grow, according to new research, reaching a record-high global average of $4.45 million, representing a 15% increase over three years. Costs in the healthcare industry continued to top the charts, as the most expensive industry for the 13th year in a row. Yet as breach costs continue to climb, the research points to new opportunities for containing breach costs. The research, conducted independently by Ponemon Institute and analyzed and published by IBM Security, constitutes the…

Cyber leaders: Stop being your own worst career enemy. Here’s how.

24 min read - Listen to this podcast on Apple Podcasts, Spotify or wherever you find your favorite audio content. We’ve been beating the cyber talent shortage drum for a while now, and with good reason. The vacancy numbers are staggering, with some in the industry reporting as many as 3.5 million unfilled positions as of April 2023 and projecting the disparity between supply and demand will remain until 2025. Perhaps one of the best (and arguably only) ways we can realistically bridge this gap is to…

Poor communication during a data breach can cost you — Here’s how to avoid it

5 min read - No one needs to tell you that data breaches are costly. That data has been quantified and the numbers are staggering. In fact, the IBM Security Cost of a Data Breach estimates that the average cost of a data breach in 2022 was $4.35 million, with 83% of organizations experiencing one or more security incidents. But what’s talked about less often (and we think should be talked about more) is how communication — both good and bad — factors into…