Thank you for your continuing support throughout 2018. Cogito Group will be out of office until: 2 January 2019 in Australia 3 January 2019 in New Zealand.
Before we go want to share 4 wishes we have for Christmas to mitigate targeted cyber intrusions:
1. Application Whitelisting
Application whitelisting, if implemented correctly, can be an incredibly effective means of ensuring the security, stability and consistency of a computing environment. Unfortunately it is often misunderstood or poorly implemented, which can lead to an environment appearing more secure than it actually is.
2. General Patching Guidance and Patch Applications
Every server, workstation, network device, network appliance, mobile device, operating system and installed application needs to be kept up to date in order to ensure the security of an organisation’s operating environment as a whole. A single unpatched machine significantly increases the attack surface of an organisation’s environment, and this increase is multiplied as more machines are in a vulnerable or unknown state.
3. Patch the Operating System
An application is any software which is not part of the core operating system. Application patch management needs to be considered separately to the operating system primarily because it is likely to be significantly more challenging than operating system patching. Most applications will have unique patching methods and requirements. It is important to integrate these into a single process, both from a change management and a technical perspective.
4. Minimise Administrative Privileges
Administrative privileges are designed to allow only trusted personnel to configure, manage and monitor computer systems. Accounts with administrative privileges on a system have the ability to make virtually any change to that system and to retrieve almost any information from it. Accounts with administrative privileges to a Windows domain typically have the ability to effect such changes or see such information from any system on that domain.
While these privileges are necessary for the ongoing administration of a system or network they introduce a number of potential points of weakness into that system. These include opportunities for users to make intentional or unintentional modifications with system-wide consequences and can provide a high-value target for malicious intruders.
For more information on effective security controls you can implement, please visit the the Australian Cyber Security Centre.
As the new year rolls around our resolutions are:
For more information on the ACSC Protect Essential Eight, please visit: https://acsc.gov.au/publications/protect/essential-eight-explained.htm