The world of cybersecurity is constantly filled with news about the latest data breaches, cybercriminal attack trends, and security measures. While it is crucial to stay informed about these developments to adapt to the ever-changing nature of cybercrime, it is equally important to focus on foundational measures. Basic security hygiene can still protect against 98% of attacks, making it essential for businesses to meet the minimum standards for cyber hygiene to protect against cyber threats, minimize risk, and ensure ongoing business viability.
To increase cyber hygiene, organizations can follow five steps:
1. Require phishing-resistant MFA (Multifactor Authentication): Enabling MFA can prevent up to 99.9% of attacks. MFA disrupts potential phishing attacks by requiring attackers to crack more than two factors of verification to gain access to a system. To be effective, MFA should be frictionless and easy for end users. Options like device biometrics or FIDO2 compliant factors can enhance security without burdening employees. MFA should also be strategically leveraged to protect sensitive data and critical systems, rather than being applied to every single interaction. Conditional access policies can trigger two-step verification based on risk detections, reducing the need for multiple sign-on sequences and eliminating the need for frequent password resets.
2. Apply Zero Trust principles: Zero Trust is a proactive, integrated approach to security across all layers of the digital estate. It involves explicitly and continuously verifying every transaction, enforcing least-privilege access, and making intelligence, advance detection, and real-time threat response the cornerstones of security. Adopting Zero Trust helps organizations better support remote and hybrid work, prevent or reduce business damage from breaches, protect sensitive business data and identities, and build confidence in security posture and programs across the enterprise.
3. Use modern anti-malware solutions: Threat actors move quickly and aim to remain undetected. Employing extended detection and response tools can flag and automatically block malware attacks while providing insights to the security operations team. Implementing security automation and orchestration best practices is the first stage of using a modern anti-malware platform. Automating alert collection and prioritization helps reduce the load on security operations analysts, while continuous improvement through monitoring key metrics and tuning sensors and workflows brings incremental changes. Integrated extended detection and response (XDR) and security information and event management (SIEM) solutions help defend against threats across all workloads, providing high-quality alerts and minimizing friction during response.
4. Keep systems up to date: Unpatched and out-of-date systems are a major reason organizations fall victim to attacks. IoT/OT (Internet of Things/Operational Technology) devices are increasingly targeted by cybercriminals and botnets. Applying software patches as soon as they are released, changing default passwords and SSH ports, and gaining deeper visibility into IoT/OT devices on the network can help mitigate risks. Further reducing the attack surface can be achieved by eliminating unnecessary internet connections and open ports, restricting remote access, and using VPN services.
5. Protect data: With hybrid workspaces, data is accessed from multiple devices, apps, and services worldwide, making strong protection against data theft and leakage crucial. A defense-in-depth approach fortifies data security. This approach involves identifying where data lives and how it is accessed, protecting it when at rest and in transit through accurate labeling, classification, and tracking, managing user risks and internal threats, and implementing a data loss protection solution that balances protection and productivity. Proactive data lifecycle management ensures better data security and responsible democratization of data for users to drive business value.
While threat actors continue to evolve and become more sophisticated, simple measures such as enabling MFA, applying Zero Trust principles, keeping systems up to date, using modern anti-malware solutions, and protecting data can prevent 98% of attacks. To enhance security within organizations and access the latest threat intelligence, visiting Microsoft Security Insider is recommended.