There is one thing all cyberattacks have in common—they need to get inside your system to enact their plans. Preventing breaches from happening in the first place will always be the top priority. The security controls you use to restrict access to your system are the foundation for reducing risk in this area. Here are four security controls that are key to this first line of defense.
Identity and Access Management
Identity and access management (IAM) ensures only the right users have the appropriate access to technology resources. Many organizations will invest in Privileged Access Management (PAM) controls to further reduce risk, giving users the least amount of privileges needed to do their job. One of the most important elements of this security control is having strict rules around granting — and removing — identities and access. Threat actors love to find old, forgotten identities that still have access to a system.
Password management also falls under the IAM umbrella. Be sure to set policies for managing passwords and give people tools that help them use best practices. Encourage the use of pass phrases and institute multi-factor authentication and biometrics to strengthen your IAM.
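As an added illustration of the rule above about removing identities (this is not code from the original article), the following Python example reviews an account inventory for orphaned, stale and never-used identities. The field names, sample records and idle-day thresholds are all assumptions made for the example.

```python
from datetime import date

# Constructed sample inventory (not real data): one row per enabled account,
# joined with the HR roster to know whether the owner is still employed.
ACCOUNTS = [
    {"user": "a.rivera",   "last_login": date(2024, 5, 28), "employed": True,  "privileged": False},
    {"user": "svc-backup", "last_login": date(2023, 11, 2), "employed": True,  "privileged": True},
    {"user": "j.chen",     "last_login": date(2024, 4, 20), "employed": True,  "privileged": True},
    {"user": "m.okafor",   "last_login": date(2024, 5, 30), "employed": False, "privileged": False},
    {"user": "t.nguyen",   "last_login": None,              "employed": True,  "privileged": False},
]

# Assumed policy thresholds; set these from your own access policy.
STALE_DAYS = 90
STALE_DAYS_PRIVILEGED = 30  # privileged access is reviewed on a shorter cycle


def review_accounts(accounts, today):
    """Return (user, reason) findings, most urgent first."""
    findings = []
    for acct in accounts:
        limit = STALE_DAYS_PRIVILEGED if acct["privileged"] else STALE_DAYS
        last = acct["last_login"]
        idle = None if last is None else (today - last).days
        if not acct["employed"]:
            # Owner has left but the account is still enabled.
            findings.append((0, acct["user"], "orphaned: owner no longer employed"))
        elif idle is None:
            # Provisioned but never logged in: access may never have been needed.
            findings.append((2, acct["user"], "never used: confirm it is still needed"))
        elif idle > limit:
            rank = 1 if acct["privileged"] else 2
            findings.append((rank, acct["user"], f"stale: idle {idle} days (limit {limit})"))
    # Sort by urgency rank, then by user name for a stable report.
    findings.sort(key=lambda f: (f[0], f[1]))
    return [(user, reason) for _, user, reason in findings]


if __name__ == "__main__":
    for user, reason in review_accounts(ACCOUNTS, today=date(2024, 6, 1)):
        print(f"{user}: {reason}")
```

Running a review like this on a schedule, and feeding the findings into a disable-then-delete workflow, keeps forgotten accounts from accumulating.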
Endpoint Security
The rise in remote and hybrid work has greatly increased the number of endpoints that organizations must protect. More devices on your network mean more entry points for threat actors. However, threat actors commonly throw low-effort attacks with known signatures at endpoints, so having strong detection and response mechanisms with equally strong threat intelligence can greatly reduce your risk in this area. Just be sure that every endpoint is secured. If you have a device that is not supported by your current endpoint vendor, that’s a weak point waiting to be exploited.
Multi-Factor Authentication
Multi-factor authentication, or MFA, is becoming a common way for organizations to fight the rise in stolen credentials, which are often a precursor to a ransomware attack. Many organizations adopt an MFA policy that requires having something that the person “is” (fingerprints or facial recognition, for example), something the person “has” (like a token) and something the person “knows” (a pass phrase or password). More advanced methods include tactics such as geolocation, which identifies familiar locations for access, and numerical matching, where a sequence of numbers displayed on the user's device needs to be entered accurately. Best practices in MFA are continually evolving as threat actors work to bypass them, so be sure to stay informed with proper threat intelligence. In addition, try to avoid MFA becoming such a hurdle for access that it starts to affect workflow. It should offer strong security while maintaining user-friendliness.
Vulnerability Management
Vulnerability management is a continuous process to identify potential weaknesses across your environment and ensure they are addressed through efforts such as software and system patching and configuration. Vulnerabilities are one of the largest initial access vectors used by threat actors, accounting for one-third of breaches. Important aspects of vulnerability management are understanding where all your assets are stored and continuously and holistically scanning them, as well as taking a risk-based approach to prioritizing assets that are most susceptible to exploitation. The key to that kind of prioritizing is to have full visibility into your security ecosystem, because what’s most important will be specific to your organization and your environment.
The Bigger Picture
Strong security controls around accessing your systems are essential to strong cybersecurity, but they are also just part of establishing defense-in-depth. A proper mix of security controls that address prevention, detection and response is the bedrock of a security plan that will reduce risk and raise your cybersecurity posture — which leads to other benefits such as better cyber insurance policies. We’ve identified 10 security controls that have the potential to reduce risk at every organization, regardless of industry. Our white paper “10 Security Controls to Reduce Risk” explains each of these in detail and how they can help you take on the threats of today and those in the future.