The Cyber Security month (October) has arrived. The month where adults dress up in lederhosen or scary costumes and the children run wild on a sugar rush. After all, October ends with a bang in the scariest day of the year: Halloween. October is also a month dedicated to a far more scarier and spooky subject than any haunted house: cybersecurity awareness.
This is where campaigns such as European Cyber Security Month (ECSM) and National Cyber Security Awareness Month (NCSAM) in the United States come into play for the Cyber Security month of October 2019.
National Cybersecurity Awareness Month – an initiative of the U.S. Department of Homeland Security – is a joint effort between government and industry to raise awareness about the importance of cybersecurity and the need for all of us to be more attentive and secure online. NCSAM 2019 features three overarching themes:
- Own IT – Take responsibility for IT security at all levels, from social media to mission-critical apps.
- Secure IT – Take steps to secure IT behaviors and limit attacker success.
- Protect IT – Take action to protect both device connections and data collection across the organization.
Aligned with this campaign is the European Cybersecurity Month (ECSM), the EU’s annual Cyber Security awareness campaign that takes place each October across Europe. The aim is to raise awareness of cybersecurity threats, promote cybersecurity among citizens and organizations; and provide resources to protect themselves online, through education and sharing of good practices.
All these cybersecurity initiatives carry out the common overarching message that “cybersecurity is a shared responsibility”. After all, we all have a role to play when it comes to responding to the growing threat of cyber threats and staying ahead of cybercriminals. That’s
A Critical First Step in Cyber Security
At Lansweeper, cybersecurity is one of our cornerstone use cases. Why? The first step in protecting anything is knowing that an asset exists. It sounds so simple, but a solid cybersecurity program requires reliable inventory and discovery as its foundation.
The discovery of hard- and software data plays a critical role in maintaining an up-to-date synopsis of your entire IT estate to protect yourself against cybersecurity attacks. Leveraging that collected network data is a fundamental starting point for implementing security measures across your organization. So this campaign is a big deal for us to put the spotlight on cybersecurity awareness.
Leverage These 4 Useful Cyber Security Resources
Once you’ve established your asset inventory baseline, you can start to dig deeper. We’ve listed 4 resources below which you can leverage throughout cybersecurity awareness month and beyond.
1. Vulnerability Updates
Lansweeper holds more than 450 built-in network reports in the report library, but ad-hoc vulnerabilities mostly require a custom Vulnerability Report to assess if you’re vulnerable and need to update. We regularly create custom hardware and software reports to address known issues. Cases of Lansweeper supporting a security response to mitigate crucial threats include the SWAPGS, Bluekeep, and the recent Internet Explorer Zero-Day vulnerability exploits. Once identified, IT teams were able to query Lansweeper to find instances of vulnerable software using a Vulnerability Audit Report.
2. CIS 20 Critical Security Controls®
You can’t protect what you don’t know exists. The top 6 CIS Critical Security Controls® of the Center for Internet Security® highlights how crucial it is to know what devices you have and which software is running on them. A well-maintained Asset Inventory Database is key in building a more comprehensive security program based on the CIS Security Controls. Learn how you can leverage your asset inventory database to tackle the first 6 critical CIS controls.
3. Patch Tuesday Audit Reports
Every second Tuesday of the month, Microsoft releases a scheduled security fix, also known as ‘Patch Tuesday’. Every month, we create a Patch Tuesday Audit Report which checks if the assets in your network are on the latest Windows Patch Tuesday update. It gives you an easy and quick overview of which assets are already on the latest Windows update, and which ones still need to be patched.
4. End of Life Audits
Every Windows product has a lifecycle, and the product lifecycle ends when it’s no longer supported. The biggest risk of running End-of-Support software is flawed security. Your computer literally becomes a gateway for malware. Since the manufacturer no longer provides security updates, any vulnerabilities found by hackers can be exploited over and over again. Additional issues of running EOL software include compliance & audit issues, poor reliability & performance, higher operating costs, and software incompatibilities.
We regularly create EOL Audit Reports so you prepare your network for the upcoming End of Life software. Windows 7 is due to reach End of Life (EOL) on 14 January 2020, but a large number of corporate workstations are still running the nine-year-old system. Recently, Microsoft also announced the End of Life for Windows 10, version 1703 and Skype for Business.
Start your free 14-day trial and learn how Lansweeper can improve your cybersecurity program.
