Auditor Tips: Practicing Good Cyber Hygiene

While every organization is different, the end goal of practicing good cyber hygiene is to identify vulnerabilities, minimize risk exposure, and reduce the potential for a breach.

Heff
*This article was taken from our HIPAA Guide. For more information on this topic, download our free HIPAA Guide.
“Identify vulnerabilities, minimize risk exposure, and reduce the potential for a breach.”

There is a practice that goes beyond specific threat actors, threat landscapes, and attack vectors. It’s known as “cyber hygiene” and is all about security fundamentals and day-to-day processes.

While every organization is different, the end goal of a cyber hygiene regimen is to identify vulnerabilities, minimize risk exposure, and reduce the potential for a breach. Cyber hygiene covers a variety of subject areas, but the common theme is that you consistently perform activities that minimize risk, day to day. If everyone in an organization is aware of cyber security, you can build a “human firewall” culture.

Some cyber hygiene examples include:

  • Minimize doorways into your organization. Make sure individuals who travel extensively or work remotely use multi-factor authentication (MFA), carry RFID-shielded passport and credit card holders, keep the data they must carry on encrypted USB drives, and use data-blocking USB adapters to protect their devices while charging from untrusted ports.
  • Discuss employee social media use, including how threat actors use employees’ personal lives to find a way into their work lives. Threat actors look for the easiest route, which can include LinkedIn, Facebook, or other social media accounts. They scope for information, then send a phishing email or friend request. From there, they deploy malware or a trojan and pivot from the employee’s personal accounts to their work accounts. Many employees feel they are not a target because of their title or responsibilities; that sense of complacency is exactly what a threat actor looks for.
  • Remote work can lead to remote exploitation, so organizations need to place a greater emphasis on securing remote access. Threat actors are opportunists, and they know more organizations than ever rely on remote access and collaboration tools like Zoom to reach the office. Ensuring your organization practices good cyber hygiene in this area is critical.
  • Good cyber hygiene means ensuring your organization has and uses a comprehensive, strong password program; uses multi-factor authentication; regularly runs best-practice assessments to patch or remediate misconfigurations; uses URL filtering (for example PAN-DB) to block newly registered domains; enforces SSL decryption for traffic to those new domains; blocks users from downloading risky file types such as .exe files and PowerShell scripts; keeps threat prevention policies, procedures, and the risk register up to date; increases logging, especially for newly registered domains; uses DNS-layer protection, since more than 80% of malware uses DNS to establish command and control (C2); and performs web content integrity checks offline.
  • Threat actors are increasingly targeting supply chains. So your cyber hygiene should cover your extended enterprise, including risk assessments of the third-party applications used in your environment.
  • Cyber hygiene should include re-examining your business resilience and disaster recovery plans annually or semi-annually. Be sure to complete tabletop exercises with the key people in your organization who would be involved should a breach occur. For many organizations, the biggest threat to resiliency is the inability to implement multi-factor authentication.
  • Finally, cyber hygiene should always come from the top, so involving your organization’s Board of Directors will keep communication open about threats and vulnerabilities and strengthen the plan to respond should a breach occur.
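The controls in the list above (blocking newly registered domains, blocking risky download types, logging more on new domains, and applying the same rule at the DNS layer) are normally enforced by a firewall or proxy. The following Python is an added example, not code from the original article or from any vendor product, that applies those checks to a handful of constructed proxy and DNS log lines so you can see what the policy decides and why. The registration dates, the 30-day cut-off, the two-label suffix table, the key=value log format, and the extensions beyond .exe and PowerShell scripts are all assumptions made so the example runs offline.

```python
"""Added example: apply three of the hygiene controls above to log lines.

  - block traffic to newly registered domains and log it verbosely
  - block downloads of risky file types (.exe, PowerShell scripts)
  - apply the newly-registered-domain rule to DNS queries as well

Everything below (log lines, registration dates, thresholds) is constructed
for the example; it is not data from a real environment or a vendor product.
"""
from dataclasses import dataclass, field
from datetime import date, datetime
from urllib.parse import urlparse

# Assumption: the dates a WHOIS/RDAP lookup would return, pinned here so the
# example runs offline.
REGISTRATION_DATES = {
    "example.com": date(1995, 8, 14),
    "billing-portal-update.net": date(2024, 3, 2),
    "hr-benefits.co.uk": date(2024, 3, 10),
}
NEW_DOMAIN_DAYS = 30  # assumed cut-off for "newly registered"

# The article names .exe and PowerShell scripts; .bat and .vbs are added here.
RISKY_EXTENSIONS = {"exe", "ps1", "psm1", "bat", "vbs"}

# Tiny stand-in for the Public Suffix List so hr-benefits.co.uk is not
# reduced to co.uk (assumption; a real policy engine uses the full list).
TWO_LABEL_SUFFIXES = {"co.uk", "com.au"}

# Constructed proxy/DNS log lines in a simple key=value format.
SAMPLE_LOG = [
    "ts=2024-03-15T09:12:00 type=http user=jdoe url=https://billing-portal-update.net/invoice.exe",
    "ts=2024-03-15T09:13:05 type=dns user=jdoe qname=hr-benefits.co.uk",
    "ts=2024-03-15T09:14:10 type=http user=asmith url=https://www.example.com/reports/q1.pdf",
    "ts=2024-03-15T09:15:00 type=http user=asmith url=https://www.example.com/tools/setup.exe",
]


@dataclass
class Verdict:
    action: str                 # "allow" or "block"
    log_level: str              # "verbose" when a newly registered domain is involved
    reasons: list = field(default_factory=list)


def parse_line(line: str) -> dict:
    """Split 'k=v k=v ...' into a dict (values contain no spaces)."""
    return dict(token.split("=", 1) for token in line.split())


def registrable_domain(host: str) -> str:
    """Return the registrable domain (eTLD+1) using the tiny suffix table above."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def is_newly_registered(host: str, when: date) -> bool:
    """True if the domain was registered fewer than NEW_DOMAIN_DAYS before `when`.
    A domain with no known registration date is treated as new (fail closed)."""
    registered = REGISTRATION_DATES.get(registrable_domain(host))
    if registered is None:
        return True
    return (when - registered).days < NEW_DOMAIN_DAYS


def risky_extension(url: str) -> str:
    """Return the lower-cased extension of the URL's final path segment if it is
    in RISKY_EXTENSIONS, otherwise an empty string."""
    filename = urlparse(url).path.rsplit("/", 1)[-1]
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    return ext if ext in RISKY_EXTENSIONS else ""


def evaluate(event: dict) -> Verdict:
    """Apply the policy to one parsed event and return the verdict."""
    when = datetime.fromisoformat(event["ts"]).date()
    host = event["qname"] if event["type"] == "dns" else (urlparse(event["url"]).hostname or "")
    verdict = Verdict(action="allow", log_level="normal")

    if is_newly_registered(host, when):
        verdict.reasons.append(f"newly registered domain: {registrable_domain(host)}")
        verdict.log_level = "verbose"   # the "increase logging on new domains" control

    if event["type"] == "http":
        ext = risky_extension(event["url"])
        if ext:
            verdict.reasons.append(f"risky download type: .{ext}")

    if verdict.reasons:
        verdict.action = "block"
    return verdict


def run_policy(lines) -> list:
    """Evaluate each log line and return the verdicts in order."""
    return [evaluate(parse_line(line)) for line in lines]


if __name__ == "__main__":
    for line, verdict in zip(SAMPLE_LOG, run_policy(SAMPLE_LOG)):
        print(f"{verdict.action:5} {verdict.log_level:7} {parse_line(line)['user']:7} "
              + ("; ".join(verdict.reasons) or "no findings"))
```

Running it shows the first line blocked for two reasons (new domain plus an .exe download), the DNS query to the five-day-old domain blocked at the DNS layer, the PDF from a long-established domain allowed, and the .exe from that same established domain still blocked on file type alone. Treating an unknown registration date as "new" is the conservative choice; if that generates too many blocks in practice, downgrade that case to verbose logging rather than dropping the check.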
