How to implement the first 5 CIS Security Controls and reduce your cyberattack risk by 85% — Network Consulting Services, Inc. - NCSi


As we said in the first article in this series, implementing the first five of the 20 Security Controls reduces your risk of cyberattack by 85%. Implementing all 20 Security Controls reduces the risk of cyberattack by 94%, a lofty goal indeed. We leverage a wide variety of software vendors, tactics, skills, and strategies to accomplish this.

 

Let’s jump right into CIS Control #5 and give a recap of 1-4. Here, then, is the definition of the fifth Security Control:

CIS Control #5: Controlled Use of Administrative Privileges
The processes and tools used to track/control/prevent/correct the use, assignment, and configuration of administrative privileges on computers, networks, and applications.

 

Expressed a little more plainly, it is important for an organization to automate the process of ensuring that as few administrative accounts as possible exist, and that all administrative account holders on all devices are authorized. The number of administrative privileges per account must also be minimized, so that no administrative account has more privileges than absolutely required. All of these accounts need to be audited and monitored on a regular basis.

 

Automated Privilege Control
NCSi engineers use two powerful, specialized tools to implement the policy and procedures recommended in CIS Control #5. With Ivanti Application Control and Imperva Data Security solutions, User Privilege Management allows the creation of policies and rules that apply to files, drives, folders, signatures, Windows Apps, and more. Your IT department can reduce access privileges per user, per group, per application, or on a business rule basis. These tools align directly with the intent of CIS Control #5. Access policies are reusable and run on the principle of Least Privilege, rather than the practice of assigning administrative privileges whenever needed and then leaving them in place for a bad actor to find.

 

REVIEW: CIS Security Controls 1-5
Here are the Security Controls we have covered in this series:

  1. Inventory of Authorized and Unauthorized Devices
    Actively manage (inventory, track, and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanaged devices are found and prevented from gaining access.

  2. Inventory of Authorized and Unauthorized Software
    Actively manage (inventory, track, and correct) all software on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation or execution.

  3. Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
    Establish, implement, and actively manage (track, report on, correct) the security configuration of laptops, servers, and workstations using a rigorous configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings.

  4. Continuous Vulnerability Assessment and Remediation
    Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, remediate, and minimize the window of opportunity for attackers.

  5. Controlled Use of Administrative Privileges
    The processes and tools used to track/control/prevent/correct the use, assignment, and configuration of administrative privileges on computers, networks, and applications.

 

Getting to 100% Risk Mitigation
Implementing these five controls reduces your risk of cyberattack by 85%, but the job isn’t done with just these five steps. Implementing the full suite of 20 CIS Security Controls reduces your risk by 94%. This process is a concerted effort best done with a dedicated NCSi team, and not with an ad-hoc, piecemeal approach, which can leave security holes in your network. NCSi supports your organization throughout the entire process, adding value to your implementation and bringing your risk mitigation ever closer to 100%.

 

State-of-the-art tools, highly skilled engineers, international industry-wide standards, and a business philosophy that puts your organization’s security at the heart of everything we do make NCSi a natural partner for implementing both short and long-term security strategies and endpoint management. Follow our articles on the CIS Security Tools and Controls to learn more about how your organization can harden its systems against attacks, malware, and ransomware.

 
