Cyber Essential #3 – Your Systems

Home / News / Cyber Essential #3 – Your Systems

Most of the people responsible for cybersecurity -or those who have been relegated to that responsibility because they have broadly understood IT management responsibilities – start from this point. And this is not a mistake – the knowledge of systems is, after all, the foundation of understanding IT. And knowing systems weak points is the foundation of protecting them.

Protecting your systems requires knowing which devices are connected to your network, what applications are running on them, who has access to them, and what security measures are in place. A conscious company ensures that its systems are up-to-date and safe. These actions can support a culture of proactive risk management and reduce the risk of trade-off.


  1. Find out what’s on your network.
    • Write down all hardware and software resources.

    • Prioritize systems and equipment in terms of the value of the data processed thereEstablish a monitoring strategy to identify unusual activities that might indicate an attack.

  1. Enable automatic updates for all operating systems and third-party software.Enable automatic updates whenever possible and make sure you download, test and deploy the latest versions of operating systems and applications.
  1. Use your email and web browser security settings to protect yourself from spoofed or modified emails from unsecured websites. The 2 key points are:
    • Content filtering to external websites can prevent attackers from delivering malicious code or scripts to your application. Firewalls can also block traffic to potentially harmful websites while allowing access to acceptable applications.

    • Customize e-mail settings to enable secure e-mail communication. Set up content filters to send mail containing certain words and email addresses to the spam folder.

  1. Create application lists so that only approved software can run on your systems.Make sure your applications run safely and as intended.Put in place a policy that allows only approved, authorized software and its libraries to perform their processes.Monitor the integrity of the listed applications with periodic file hash checks to make sure no unauthorized modifications have been made. Consider a staged, phased approach, starting with high-impact endpoints (e.g., domain controllers, application servers, databases), followed by any other support systems, and ending with any remaining user workstations or endpoints.

A key area to ​​protection is that you should invest in at the initial stage is securing the communication channels used by end users with relatively low awareness of network threats. A firewall is essential, but many companies do not “dissect” encrypted network traffic. Therefore, investing in a web proxy and the right email protection solution is the first point – not to be overlooked. Remember – get to know what you have and use the basic security mechanisms provided natively by manufacturers before you move towards planning the implementation of dedicated solutions. It will save you stress in the event of an attack or audit – and time during discussions on planned investments in cybersecurity.


Related articles

Cyber Essentials #1 – Who's responsible?
„Zero Trust Network” – various implementation concepts
50% OF DATA BREACH EVENTS RELATED TO THREATS INSIDE THE ORGANIZATION
Please be advised that our website is using cookies for marketing, statistical and functional reasons. In order to optimize the content on our website and to adapt them to your individual needs, we use informations saved using cookies on users’ end devices. Cookies can be controlled by the user through the settings of their web browser. By contiuning to use our website without changing your web browser settings, you are accepting the use of cookies.
I accept More info