With the increasing reliance on digital systems, cybersecurity has become a crucial aspect of organisational safety. The constantly evolving threat landscape necessitates proactive and vigilant protection of digital and operational assets.
Ilan Rubin, chief executive officer, Wavelink, said, “Security hardening is an effective way to enhance cybersecurity by reducing a business’s attack surface exposure and protecting it against hostile forces. This process involves identifying vulnerabilities, implementing best practices for cybersecurity, and continuously monitoring and improving an organisation’s security posture.”
There are several vulnerabilities that chief information security officers (CISOs) and IT leaders should be aware of to effectively reduce a business’s attack surface exposure. Common risks include:
- weak or default passwords
- unsecured storage of passwords and other credentials
- misconfigured hardware and networking devices
- unencrypted network traffic and data at rest
- lack of, or limited, privileged access controls
- poorly configured basic input/output system (BIOS), firewalls, ports, servers, switches, and routers.
A security hardening approach reduces the attack surface and vulnerabilities in an organisation’s cyber world, simultaneously improving its resistance to unauthorised access and increasing its performance. The following recommendations provide a starting point for businesses to initiate system hardening efforts:
1. Prioritise cybersecurity training
Educating employees on cybersecurity best practices is crucial to protecting an organisation. Cost-effective, credible cybersecurity training options can help businesses create a cyber-aware workforce: one with an appropriate level of awareness and understanding of the cyber threats it faces and of how those threats can be mitigated.
2. Set up automated patching and updating
Establishing strict, automated routines for software patching and updating is a crucial step in hardening an organisation’s security posture. However, when automation isn’t feasible, additional security measures should be considered, such as proximity or virtual patching. These measures may include the deployment of an intrusion prevention system (IPS) device dedicated to monitoring and securing systems that can’t be patched.
3. Use multi-factor authentication and single sign-on
Multi-factor authentication (MFA) and single sign-on (SSO) are important tools for security hardening as they provide an added layer of protection against unauthorised access to sensitive systems and data. For example, MFA requires users to provide more than one form of identification, while SSO lets users log in only once per day and use one set of credentials.
4. Ensure proper configuration of devices and applications
Avoid creating holes in cyber defences by correctly configuring devices and applications. Automate device configuration to minimise human error. Consider using configuration tools provided by trusted vendors to identify and correct misconfigurations.
5. Reduce the attack surface
Running an inventory of the network and removing old or unnecessary items and privileges can significantly reduce the attack surface. By removing orphaned or unused accounts and outdated applications, businesses can minimise potential risks.
6. Understand the external attack surface
Knowing what applications, hardware, and Internet of Things (IoT) devices are in an organisation’s internal environment is not enough. Conducting an audit of the external environment and seeking an “outsider’s point of view” on the network can help identify potential risks.
7. Build a cybersecurity partnership
Collaborating with others in the cybersecurity community is essential to hardening a business’s security defences. Establishing global partnerships and sharing threat intelligence can help CISOs and IT leaders stay ahead of cyber threats, creating a strong foundation for an organisation’s cybersecurity strategy.
Ilan Rubin said, “Security hardening is a continuous and essential process that requires collaboration between CISOs, IT leaders, and employees to ensure all digital and operational assets are adequately protected. By taking necessary steps to reduce a business’s attack surface exposure, implement best practices for cybersecurity, and continuously monitor and improve security posture, organisations can effectively protect themselves against cyber threats.”