CIOApplications
static-image
  • Home
  • Applications
      • Auction Software
      • Audit Management
      • Bioinformatics
      • Business Continuity
      • Business Intelligence
      • Chatbot
      • Club Management
      • Collaboration
      • CPQ
      • Custom Software Development
      • CRM
      • Data Platform
      • Digital Experience
      • e-Discovery
      • E-Signature
      • Employee Engagement
      • EAM
      • Enterprise Communications
      • Enterprise Mobility
      • Enterprise Reporting Software
      • Enterprise Search
      • Forestry
      • GIS
      • GRC
      • Human Resource
      • Indoor Positioning
      • Innovation Management
      • InsurTech
      • Intellectual Property
      • IT Infrastructure
      • IT Operations Management
      • IT Service Management
      • License Management
      • Low Code Platform
      • Maintenance Management
      • Managed IT Services
      • MarTech
      • Master Data Management
      • Order Management
      • Parking Management
      • Personalization
      • Portal Software
      • Procurement Tech
      • Publishing Software
      • Quality Management System
      • Remote Monitoring
      • Remote Support
      • RFID
      • Sales Tech
      • Software Asset Management
      • Software Testing
      • Task Management
      • Unified Communications
      • Visitor Management
      • Voice Recognition
      • Web Design and Development
      • Workflow
      • Workplace Management
  • Verticals
      • Automotive
      • Banking
      • BioTechnology
      • Casino
      • Construction
      • CPG
      • Contact Center
      • Education
      • Energy
      • Field Service
      • Fintech
      • Food and Beverages
      • Government
      • Healthcare
      • Legal
      • Life Sciences
      • Logistics
      • Manufacturing
      • Media and Entertainment
      • Retail
      • Travel and Hospitality
      • Utilities
  • Technologies
      • 3D Scanning
      • Agile
      • API
      • Artificial Intelligence
      • Augmented Reality
      • Blockchain
      • CAD/CAM
      • Cloud
      • Container Management
      • Cyber Security
      • Data Analytics
      • Data Center
      • DevOps
      • Drone
      • Graphics
      • Hyper Converged Infrastructure
      • Image Recognition
      • IoT
      • Lidar
      • Machine Learning
      • Machine Vision and Imaging
      • Nano Tech
      • Networking
      • Predictive Analytics
      • PropTech
      • RF and Microwave
      • Robotic Process Automation
      • Robotics
      • Security
      • Simulation
      • Smart Labelling
      • Space Tech
      • Telematics
      • Virtual Assistant
  • Company Eco System
      • Adobe
      • Amazon
      • Avaya
      • ESRI
      • Google
      • IBM
      • Infor
      • Microsoft
      • Mitel Partners
      • National Instruments
      • NetSuite
      • Oracle
      • Progress
      • Qlik Partner
      • Riverbed
      • Salesforce
      • SAP
      • ServiceNow
      • SiteCore
      • Splunk Partner
      • VMware
  • News
  • conferences
  • Newsletter
  • Whitepaper
  • About us
  • Specials

  • Menu
      • Amazon
      • Artificial Intelligence
      • Auction Software
      • Blockchain
      • CAD/CAM
      • Club Management
      • CPQ
      • Digital Experience
      • E-Signature
      • Education
      • Energy
      • Enterprise Mobility
      • Food and Beverages
      • GRC
      • Healthcare
      • Image Recognition
      • Indoor Positioning
      • Infor
      • Intellectual Property
      • IoT
      • Legal
      • Lidar
      • Logistics
      • NetSuite
      • Personalization
      • Predictive Analytics
      • Quality Management System
      • Remote Monitoring
      • Retail
      • RF and Microwave
      • Riverbed
      • Simulation
      • Task Management
      • Utilities
      • VMware
      • Workflow
  • VMware
  • Amazon
  • Artificial Intelligence
  • Auction Software
  • Blockchain
  • CAD/CAM
  • Club Management
  • CPQ
Specials
  • Specials

  • Amazon
  • Artificial Intelligence
  • Auction Software
  • Blockchain
  • CAD/CAM
  • Club Management
  • CPQ
  • Digital Experience
  • E-Signature
  • Education
  • Energy
  • Enterprise Mobility
  • Food and Beverages
  • GRC
  • Healthcare
  • Image Recognition
  • Indoor Positioning
  • Infor
  • Intellectual Property
  • IoT
  • Legal
  • Lidar
  • Logistics
  • NetSuite
  • Personalization
  • Predictive Analytics
  • Quality Management System
  • Remote Monitoring
  • Retail
  • RF and Microwave
  • Riverbed
  • Simulation
  • Task Management
  • Utilities
  • VMware
  • Workflow
×
#

CIO Applications Weekly Brief

Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from CIO Applications

Subscribe

loading
  • Home
  • Cyber Security
Editor's Pick (1 - 4 of 8)
left
Augmenting Cybersecurity in Healthcare Industry

Augmenting Cybersecurity in Healthcare Industry
Robert Napoli, CIO, Planned Parenthood of the Great Northwest and the Hawaiian Islands

Security Solutions for Cyber Risk Mitigation

Security Solutions for Cyber Risk Mitigation
Colin Black, CIO, Crowd Strike

The Tao of Cyber Security in today's reality

The Tao of Cyber Security in today's reality
Marc DeNarie, CIO, NaturEner USA & Canada

Preventing Cyber-Attacks in Universities with Operational Collaboration

Preventing Cyber-Attacks in Universities with Operational...
Michael Corn, Deputy CIO & CISO, Brandeis University

Addressing Cyber Security Strategically

Addressing Cyber Security Strategically
David L Stevens, CIO, Maricopa County

Ever-Changing Cyber Security of Business Community

Ever-Changing Cyber Security of Business Community
Jim Sills, CIO/Cabinet Secretary, State of Delaware

IT- A Game-changer in Cybersecurity

IT- A Game-changer in Cybersecurity
Tammy Moskites, CIO and CISO, Venafi

The Realities of Cybersecurity

The Realities of Cybersecurity
Doug Mullarkey, CIO, First Choice Loan Services Inc.

right

Thank you for Subscribing to CIO Applications Weekly Brief

Importance of Cyber Hygiene

By Darren Death, CISO, ASRC Federal

Tweet
content-image

Darren Death, CISO, ASRC Federal

Cybersecurity took a special place in the 2017 news cycle of as organization after organization fell victim to cyberattacks. It used to be that you would have to break into an organization’s physical building to take their secrets. We now live in a time where your adversary can reach out from great distances, causing great harm to organizations that are unprepared.

Organizations must take special care when operating their mission critical systems, ensuring that they are properly protected. While this may seem like the time to start talking about shiny new cyber security tools, the reality is that the publicized breaches of 2017 were not highly advanced. These attacks took advantage of clear weaknesses in the victim’s information systems resulting in great damage to their organizations.

First, rather than talking about the next shiny tools, organizations need to start a dialogue regarding their IT Hygiene. Typically, when you hear hygiene discussed from a technology perspective it is presented as Cyber Hygiene. However, I think it is more correct to frame this conversation as IT Hygiene. As a Cyber Security professional and CISO I am very interested in what an organization’s IT Hygiene is and what can be done to improve the hygiene level and subsequently protect the mission of an organization. In most cases the team responsible for maintaining the configuration of an organization’s information system is not the Cyber Security team.

I am interested in what an organizations IT Hygiene is, what we can do to improve it and protect the mission


Rather it typically is the IT Operations team who maintains the configuration of the environment and will usually implement most of the settings related to IT Hygiene.

Why am I making a big deal about IT vs. Cyber Hygiene? When an organization shifts the “keep the lights on” day-to-day maintenance and operational activities to a class of work called “Cyber” hygiene, there is a risk of the Ops team loosing focus on those essential daily activities. Additionally, by referring to operation and maintenance activities as Cyber Hygiene activities, one runs the risk of them becoming security requirements and not included in O&M scheduled tasks, or even worse only being given attention when the Security team raises a problem.

Ultimately, the success lies in ensuring your organization’s IT Hygiene is a team sport that requires both the Cyber and Operations side of the technology organization to come together and solve these difficult technical challenges.

Below are some high-level thoughts that will get your organization well on the way to experiencing good IT Hygiene across your networks and information systems:

1. Inventory all devices, operating systems, and software on your organization’s network
2. Develop and implement Secure Configuration for devices, operating systems and software
3. Patch everything as often as you can
4. Continuously tests for vulnerabilities, prioritizing the most critical deficiencies for immediate remediation
5. Limit administrative privileges to only the few individuals that require them
6. Centralize and review audit logs and data from devices, operating systems and software
7. Always backup your data

This is by no means an exhaustive list of activities necessary to protect your environment. These activities are however some of the most important foundational items. If you are not implementing these basic foundational items, your enterprise may be on a very weak foundation, one moment away from being the next news story.

Read Also

Addressing Cyber Security Strategically

Addressing Cyber Security Strategically

David L Stevens, CIO, Maricopa County
Ever-Changing Cyber Security of Business Community

Ever-Changing Cyber Security of Business Community

Jim Sills, CIO/Cabinet Secretary, State of Delaware
IT- A Game-changer in Cybersecurity

IT- A Game-changer in Cybersecurity

Tammy Moskites, CIO and CISO, Venafi
The Realities of Cybersecurity

The Realities of Cybersecurity

Doug Mullarkey, CIO, First Choice Loan Services Inc.

Weekly Brief

loading
ON THE DECK

Cyber Security 2019

Top Vendors

Cyber Security 2018

Top Vendors

Cyber Security 2017

Top Vendors

Previous Next

Featured Vendors

  • INTEGRITY Security Services: Embedded Iot Security and Management
    INTEGRITY Security Services: Embedded Iot Security and Management
  • 3i International: Ingenious Cyber Security Solutions
    3i International: Ingenious Cyber Security Solutions
  • Absolute: Self-healing Endpoint Security
    Absolute: Self-healing Endpoint Security
  • Axiad IDS: Preventing Cybersecurity Threats with Axiad ID Cloud
    Axiad IDS: Preventing Cybersecurity Threats with Axiad ID Cloud

Copyright © 2019 CIOApplications. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy |  Sitemap  |  Subscribe

follow on linkedin follow on twitter follow on rss
This content is copyright protected close

However, if you would like to share the information in this article, you may use the link below:

https://cyber-security.cioapplications.com/cxoinsights/importance-of-cyber-hygiene-nid-1824.html