Scroll Top

US CERT Top Security Strategies

According to a recent publication by the United States Computer Emergency Readiness Team (US-CERT), they recommend  as part of a comprehensive security strategy, network administrators should implement the following mitigation strategies, which can help prevent targeted cyber attacks.

They are:

US-Cert

#1) Use application white listing to help prevent malicious software and unapproved programs from running

Application white listing is one of the best security strategies as it allows only specified programs to run, while blocking all others, including malicious software.

#2) Patch applications such as Java, PDF viewers, Flash, web browsers and Microsoft Office and Patch operating system vulnerabilities

Vulnerable applications and operating systems are the target of most attacks. Ensuring these are patched with the latest updates greatly reduces the number of exploitable entry points available to an attacker.

The attack vectors frequently used by malicious actors such as email attachments, compromised “watering hole” websites, and other tools often rely on taking advantage of unpatched vulnerabilities found in widely used software applications. Patching is the process of repairing vulnerabilities found in these software components.

It is necessary for all organizations to establish a strong ongoing patch management process to ensure the proper preventive measures are taken against potential threats. The longer a system remains unpatched, the longer it is vulnerable to being compromised. Once a patch has been publicly released, the underlying vulnerability can be reverse engineered by malicious actors in order to create an exploit. This process has been documented to take anywhere from 24-hours to four days. Timely patching is one of the lowest cost yet most effective steps an organization can take to minimize its exposure to the threats facing its network.

#3) Restrict administrative privileges to operating systems and applications based on user duties.

Restricting these privileges may prevent malware from running or limit its capability to spread through the network.

Commentary:

Sounds Reasonable so why are so many people getting hacked, and the answer is simple. People are not doing the basics.

0
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.