Cyber attacks target ISIS in a new line of comba... » Security experts react to The New York Times article, “US Cyberattacks Target ISIS in New Line of Co... FAST and V.i. Labs join forces to educate market... » The Federation Against Software Theft (FAST) and long-term industry member V.i. Labs, have launched ... Wick Hill Wins ‘Distributor of the Year’ at IT E... » Woking, Surrey: Wick Hill has won the strongly contested ‘Distributor of the Year’ title at the IT E... Thales delivers digital trust across connected ... » Samsung Developer Conference, San Francisco, CA: Thales has announced that the SAMSUNG ARTIK™ platfo... BeyondTrust contributes threat analytics to the ... » PHOENIX: BeyondTrust has announced today that the 2016 Verizon Data Breach Investigations Report (DB... Construction hoist standard for transporting ... » BSI, the business standards company has revised BS 7212:2016 Code of practice for the safe use of co... FireMon delivers record 2015 Revenue...adds secu... » London, UK: FireMon CEO Jim Lewandowski has announced the security management firm achieved record g... PALFINGER achieves new record levels of revenue » - Revenue grew by 9.1 per cent to EUR 318.8 million - EBIT showed extraordinarily strong increase o... Industry leader covers nearly 700 compliance pol... » London, UK: Tripwire, Inc. has announced that Tripwire® Enterprise coverage for security policy and ... Varonis to stifle ransomware with new threat model... » London, UK: Varonis Systems, Inc. has announced the beta availability of more than 20 new threat mod...

CLICK HERE TO

Advertise with Vigilance

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Information Security Header

Computer security is a field where the goal posts are constantly moving, as malware morphs in an attempt to outsmart the defences you put in place. While security professionals have recognised for a long time that unwanted software, often in the form of Trojans and worms usually installed by users when tricked by some form of social engineering, presents the biggest risk to security, it’s only now that compliance mandates are catching up and are being developed based on real-world attack data.

Australia’s Department of Defence Intelligence Agency produced a report of mitigation strategies using research on attacks carried out in 2010, and later updated in 2011. It concluded that 85 per cent of attacks could have been prevented if its top 4 recommendations had been followed. These top 4 recommendations are known as the security ‘sweet spot’:

· use application whitelisting to help prevent malicious software and other unapproved programs from running.

· patch applications such as PDF readers, Microsoft Office, Java, Flash Player and web browsers.

· patch operating system vulnerabilities.

· minimize the number of users with administrative privileges.

“The Australian government has already implemented the report’s recommended strategies to good effect, allowing only whitelisted applications to run and removing administrative privileges wherever possible,” said Paul Kenyon, COO at Avecto. “Application whitelisting and privilege management can help avoid the inconvenient trade-off in usability that security measures often impose. This way IT administrators can remove administrative privileges and block restricted applications while ensuring that users have the flexibility to work as required.”

The UK government’s Public Services Network (PSN) has a new set of standards that replaced the Government Secure Intranet Code of Connection (GSi CoCo) in November 2012. Based on ISO 27001, the new controls are outcome-based so that government departments can comply how they see fit rather than check a list of technical requirements. The PSN Standards list of configuration controls includes preventing the execution of unauthorized software, best achieved through application whitelisting, and explicitly states that administrative privileges should be removed where possible.

Not all the latest security mandates are coming from the government. The SANS institute has created its own list of 20 controls in consortium with government and industry bodies. As expected, included in the controls is the removal of administrative privileges, and though application whitelisting isn’t explicitly mentioned, the secure configuration of workstations and servers is a key priority.

“Most current security mandates imply that least privilege should be deployed rather than state it explicitly. But as the importance of least privilege becomes better understood, that’s starting to change. Whether you need to comply with current or future mandates, least privilege security is a defence strategy that cannot be ignored if you need to meet basic compliance requirements,” said Kenyon.