“Cutting out bad habits is far more effective than cutting out organs.”
— Herbert M. Shelton
One year ago, in Hong Kong, we heard about an unknown virus causing viral infections in Wuhan, China. As we experienced in 2003 with SARS, people in Hong Kong started buying detergent, disinfectants, and masks in early 2020, which was also the first time I learned about all the specifications of medical masks.
I can now tell you the difference between VFE, BFE, AMSL, 3-layers, and N95… Hong Kongers were forced to become experts on medical masks. Yet, we are still struggling every day and trying not to get sick.
As individuals are a part of society, we must remind ourselves that good personal hygiene is something we should keep maintaining. A healthy lifestyle (enough sleep, good nutrition, etc.) and handwashing can prevent us from getting infected. And for the love of all, stay home if you feel ill so that you do not infect others. Just as we are practicing good personal hygiene, we should be practicing good security hygiene.
Fortunately, their evil plan is defeated by a next-generation, AI-powered, and automated security tool that detected and prevented it within nanoseconds! Sound too good to be true? Sadly, it isn't possible, even if you have the most advanced technology assistance.
While silver bullets shine radiantly, unfortunately, they work mostly against werewolves, not real-life cybersecurity incidents. As I always say, security is about a perfect mindset in which security professionals are required to consider the situation from different perspectives (PPT, PDC…) — attackers will always take the easiest path to breach your cyber defenses.
We should promote and implement a comparable model globally, making basic cyber hygiene the norm for cybersecurity. Keeping good cyber hygiene is the best measure to help stay safe online.
People are now more aware of the principles of disease prevention and control, such as patient zero, quarantine, and screening tests. That is why there is no better time to explain its analogue: Cyber Hygiene.
It may be difficult for people to imagine washing hands and taking showers to stay safe online. The term is a metaphor, as we defined malicious software as a “virus” and the malfunctioning machine as “patient” a long time ago.
If you consider the analogy of personal hygiene, Cyber Hygiene is about equipping yourself to think proactively about your cybersecurity (Security Mindset), similar to what you are doing every day to prevent COVID-19, in order to reduce the risks of cyber threats and online security events.
As humans, we all know that getting sick is inevitable. As security professionals, our primary goal is not to make sure everything is running as expected but to make sure the unexpected or unknown is minimized or mitigated.
Cyber Hygiene addresses uncomplicated actions that everyone can practice to help reduce cybersecurity risks. It is about day-to-day activities on prevention. With that, let’s walk through a basic concept.
I would begin by explaining the similarity between Medical Hygiene and Cyber Hygiene. First, here is the concept of public health:
Primary Prevention — Seeks to prevent a disease or condition at a pre-pathologic state; to stop something from ever happening.
Secondary Prevention — Seeks to identify specific illnesses or conditions early with prompt intervention to prevent disability.
Tertiary Prevention — Occurs after a disease or disability has occurred and the recovery process has begun.
Next, below is the methodology I mentioned previously:
BEFORE — Preventive controls are designed to keep attacks from occurring in the first place. Controls may be automated, manual, or hybrid.
DURING — Detective controls are designed to detect attacks that may have occurred.
AFTER — On the other hand, corrective controls are designed to correct attacks that have been detected.
As you can see, they are analogous by nature. Therefore, I am sure that by learning one of them, we can apply these concepts in both the digital and physical environments. Prevention, by all means, should be the focus as it keeps attacks from occurring in the first place.
#1 Keep the virus out — Minimize the attack vector
Similar to the WHO recommendation of wearing masks in public areas, please wash your hands more frequently. It may give you a minute or two of discomfort, but it also dramatically reduces the chances of a virus getting into your body.
This kind of measure is fundamental to every security policy. In cybersecurity, we also have proactive measures to follow so we can minimize the chance of “infections,” such as:
Continuing awareness education should ensure these best practices are followed. As the threat landscape changes, content and approaches are also adjusted (i.e., new applications, new technologies, and new users).
It should be understood that security landscapes are always advancing. Like in The Transformers, Optimus Prime is there to fight the new enemies; he always has new weapons or a new look.
What you just did flawlessly will be outdated one day. A periodic update and review should be taken into consideration at all times. Therefore, an open, creative, and flexible mindset is nonnegotiable.
Key Point: To wash hands online = to minimize the attack vector with a fundamentals-first strategy.
#2 Illness Screening — Regular Health-check
Some diseases are only vulnerable to particular gene expression. That is why DNA tests could screen out native gene defects before the development of illness. Regular health checks can help us spot the early symptoms and start treatment.
Countries are launching COVID-19 tests in high-risk areas. The objective is the same as regular scanning of computers against known vulnerabilities: to keep the security visibility as wide as possible to locate and fix the weak spots before a security event.
No one wants to get sick, but we need to know about it before we can act. When cancer is diagnosed at an early stage, treatment is often more likely to be effective.
It is the same for the idea of “shift-left” in cybersecurity. “Shift-left” security is moving security to the earliest possible stage in the development process. Scanning the source code for problems is great for reducing not only security risks but also cost.
Key Point: To find potential health problems, do a regular health-check: regular vulnerability scanning + shift-left.
#3 Stay healthy — Software updates and patches
Keeping the body fit also helps to strengthen the immune system. By doing that, the chances of virus infection are much lower. The chances of survival of a healthy individual are much higher.
But how do you stay healthy in a digital world? Can you get your computer working out at the gym? You can do it through software updates and patching. On the one hand, we need to check if there is any weakness in the system. On the other hand, applying a patch once it is available is also essential.
Sadly, we all know no system is perfect. What if the hacker is already in? Is there anything we can do, just like our immune cells in our body, to fight back or reduce the impact? Yes, for sure, there are things that we can do.
For starters, data could be protected by encryption. For example, data loss can be minimized if the USB drive you lost on the bus was encrypted.
Also, check the HTTPS certificate status of websites, especially those that take input, e.g., online banking and company mail, to minimize interception risk on public networks.
The best way to return systems and devices to normal after a successful ransomware attack is to restore a clean backup. This is why data backups are crucial to counter aggressive ransomware attacks. Back up the critical devices, emails, and other data regularly. Keep backups in multiple physical locations, if possible.
With limited time and resources during the incident handling window, a more comprehensive, systematic approach is essential during event verification. could also shorten the response time and reduce impact.
Key Point: To keep fit = Security updates and patches
To get well soon = Encryption + Backup + IR process
This fundamentals-first strategy is no surprise to experienced security professionals. Meanwhile, we have relied heavily on advanced threat detection tools and AI-assisted SOCs, which indicates the usefulness of those techniques, but they do not help remove the cybersecurity risks.
Good cybersecurity hygiene — keeping the attack vector minimal, continuing education, maximizing visibility into the system, and patching — should be the real “Silver Bullet” that can dramatically reduce the risk of the weakest link in the picture (the people pillar).