Is cyber security and therefore System Hardening a ‘nice to have’? No, definitely not! Here we provide you with sound arguments as to why you should not neglect the secure configuration of applications and operating systems under any circumstances.
What is the state of cyber security?
Let’s tell it like it is: hackers and other cyber criminals often have an easy time of it because they find IT systems that are inadequately protected. Despite this, many decision-makers treat the issue of cyber security as a low priority.
We therefore encounter similar questions time and again in our day-to-day work. In this article, we have compiled the most frequently asked questions for you as FAQs – and provide the relevant answers at the same time.
If you have any further questions on the subject of IT security, please do not hesitate to contact us!
‘Why do we need to protect our IT systems?’
Even if you only follow the media superficially, you will quickly realise that there is a kind of war going on on the internet right now (the so-called ‘cyber war’). Every day, reports emerge that well-known companies and organisations have been hacked, data stolen and systems paralysed.
The damage usually runs into hundreds of thousands or millions of euros per case. According to the IBM study ‘Cost of a data breach’, a data protection incident in the healthcare sector, for example, cost an average of 10 million US dollars in 2021, compared to ‘only’ around 4 million dollars worldwide across all sectors and industries.
Various surveys also show that it can affect anyone, regardless of whether they are a private individual, start-up, medium-sized company or large corporation. The question is therefore not whether your company will be successfully attacked, but when it will happen.
This means that anyone who does not protect their IT systems at all or only protects them superficially is taking a very high risk. A risk that, in the worst case, can jeopardise the existence of a company!
‘How can we properly protect our IT systems?’
The short answer to this difficult question is: you need a strategy to ensure information security and data protection in your company.
To implement your cybersecurity strategy, you need to take action in three areas, among others:
- Protection
- Detection
- Response
In the areas of ‘Detection’ and ‘Response’, there are numerous powerful solutions available to you – from anti-malware suites to MDR systems and SIEM solutions. These popular tools and frameworks do a great job of reliably detecting and responding to attacks and compromises.
However, it is even more effective if you act with foresight and minimise attack surfaces and vulnerabilities for attackers from the outset. This is where a proactive protective measure comes into play: System Hardening.
‘Why are new work and remote work a cybersecurity risk?’
The Covid pandemic has given rise to a modern and flexible way of working: remote work. Employees are developing creative concepts while travelling by train, accessing the company network from their hotel room, enjoying the benefits of working from home or combining productive working days with beach holidays (‘workation’).
In times of the New Work movement, employees are much more flexible in their choice of work location and work equipment. Thanks to BYOD (‘Bring Your Own Device’), it is permitted to run company applications on leisure notebooks or business apps on personal smartphones.
Brave new world – especially for hackers and other cyber criminals. They now have many more potential systems to attack and infiltrate!
A Secure Configuration, also known as System Hardening, puts a stop to many malware programs. Even dreaded tools such as Mimikatz lose their terror.
‘How can hidden cyber attacks be better recognised?’
If the so-called ‘cyber gangsters’ have managed to penetrate your systems, this does not necessarily mean that they will immediately cause major damage. Attackers often move through the networks to gain an overview, install backdoors or steal small amounts of data.
If the hackers feel safe, they increasingly leak sensitive business information. This is often hidden in small data packets so that the ‘break-in’ is not noticed.
Companies that have installed anomaly detection systems will notice the compromise sooner or later. To better analyse where the weak points are located (often forgotten or rarely used in-house servers) and how they can be exploited, it is helpful if there is a ‘system inventory list’.
The hardening of systems can provide sound support for the faster detection of anomalies. Tools such as AuditTAP, which logs all securely and insecurely configured systems, can help here.
‘Can the vulnerabilities be found after a cyber attack?’
If a data breach occurs, the causes must be found as quickly as possible. This is when IT forensic experts come into play. The experts look for traces that allow them to understand how the hackers were able to penetrate, steal data or encrypt systems.
Such traces can be found in log files and audit logs, among other things. If IT systems have not been brought up to the current state of the art, for example through updates and secure configurations, the forensic expert can recognise this based on the existing data.
If there are only a few omissions and vulnerabilities because the systems were hardened accordingly before the attack, this makes IT forensics work easier. Reconstruction of the incident is therefore faster and cheaper than usual.
‘What minimum requirements do cyber insurers have for IT security measures?’
Would your company like to insure itself against damage caused by cyber incidents? That’s a good idea. However, you currently have the problem that, on the one hand, premiums are rising massively. On the other hand, it is becoming increasingly difficult for companies to obtain cyber insurance at all.
Why is that? Many companies do too little for their IT security and thus become easy victims. This is a loss-making business for cyber insurers. Accordingly, they are tightening up their offers. If your company wants to take out cyber insurance – and at an acceptable price – it must fulfil the insurer’s strict requirements.
In many policies, System Hardening is one of the minimum requirements. This is understandable, as the secure configuration of the IT landscape is one of the best measures to significantly reduce the number of entry points for attackers.
‘How can we take the pressure off our SOC team?’
If your company has an internal or external Security Operations Centre, or SOC for short, you are probably familiar with the situation: your colleagues are usually extremely stressed and annoyed. This is because they have to follow up dozens or even hundreds of reports every day, many of which turn out to be false reports.
In order to improve the working atmosphere and the quality of work, it is extremely important to reduce the number of (false) reports.
Fewer incidents can occur if operating systems and applications are less vulnerable – which can be achieved through better configuration. As you can see: System Hardening and SOC relief go hand in hand.
‘How do you easily create a report on the status of IT security?’
If you operate IT systems, especially in the area of critical infrastructures (CRITIS), you must regularly provide evidence that you are protecting them. You can provide such documentation and logs as part of your System Hardening.
For example, the Enforce Administrator automatically creates the required reports during hardening, which means you fulfil the legal obligations to provide evidence.
This means that thanks to good hardening tools, you can see at a glance whether your systems meet the internal compliance requirements and the configuration recommendations of DISA, CIS and other organisations.
‘Is system hardening required by law or regulation?’
You are certainly familiar with the GDPR. Have you also looked into NIS2? Do you know what the revised ISO 27001 entails? Or are you familiar with industry-specific standards such as TISAX, DORA, WLA-SCS, PCI-DSS 4.0, BAIT, B3S and the SEWD guideline IT SKIII?
If not, you should close these knowledge gaps as quickly as possible! There are currently numerous ordinances, laws, regulations and standards that require system hardening. In the coming months and years, there will be some tightening in the form of new requirements.
Companies that do not adhere to the requirements must expect harsh consequences. And that’s a good thing! In view of the threat situation, private and business data must be protected better than ever – including with professional System Hardening.
‘What happens when upper management neglects cyber security?’
Are you still not convinced why your company should carry out System Hardening? Then we have an old saying for you: ‘Ignorance is no defence!’ This principle also applies to IT security.
Managing directors, board members and similar high-ranking decision-makers can be held liable for neglected IT security! For example, the German Limited Liability Companies Act (‘GmbH-Gesetz’) stipulates that managing directors must prevent damage to their company. If they fail to do so or do so inadequately, they may face severe penalties, including imprisonment.
In other words: IT security is a matter for the boss! Top management must work together with IT security experts to ensure that the system landscape is protected in the best possible way. There are many methods to do this. One of these is hardening through a permanently secure configuration of all systems used.
Are you missing an important question?
Then get in touch with us! Our system hardening experts will be happy to discuss the risks and opportunities with you. And we will support you in the implementation of sustainable, automated system hardening.
Images: Pixabay, BSI, IBM, FB Pro