By Paul Parker, SolarWinds Federal & National Government Chief Technologist
To help the public sector maintain a suitable level of cybersecurity, the U.K. government has implemented some initiatives to guide organizations on how to do so effectively. In June 2017, the National Cyber Security Centre (NCSC) rolled out four measures as part of the Active Cyber Defence (ACD) program to assist government departments and arm's-length public bodies in increasing their fundamental cybersecurity.
These four measures are intended to make it more difficult for criminals to carry out attacks. They include blocking malicious web addresses from being accessed from government systems, blocking fake emails pretending to be from the government, and helping public bodies fix security vulnerabilities on their websites. The fourth measure relates to taking down phishing scams from the internet when the NCSC spots a site pretending to be a public-sector department or business.
Government IT professionals must incorporate strategies and solutions that make it easier for them to meet their compliance expectations. We suggest an approach on three fronts.
Step 1: Ensure network configurations are automated
One of the things departments should do to comply with the government’s security expectations is to monitor and manage their network configuration statuses. Automating network configuration management processes can make it much easier to ensure compliance with key cybersecurity initiatives. Device configurations should be backed up and restored automatically, and alerts should be set up to advise administrators whenever an unauthorized change occurs.
Step 2: Make reporting a priority
Maintaining strong security involves prioritizing tracking and reporting. These reports should include details on configuration changes, policy compliance, security, and more. They should be easily readable, shareable, and exportable, and include all relevant details to show that they remain up-to-date with government standards.
Step 3: Automate patches and stamp out suspicious activity
IT administrators should also incorporate log and event management tools to strengthen their security postures. Like a watchdog, these solutions are designed to be on alert for suspicious activity, and can alert administrators or take actions when a potentially malicious threat is detected. This complements existing government safeguards like protected Domain Name System (DNS) and DMARC anti-spoofing.
Implementing automated patch management is another effective way to help make sure that network technologies remain available, secure, and up-to-date. Government departments must stay on top of their patch management to combat threats and help maintain strong security. The best way to do this is to manage patches from a centralized dashboard.
Keeping up with the guidelines proposed in initiatives such as the ACD program can be a tricky and complicated process, but it doesn’t have to be that way. By integrating these simple but effective steps, government IT professionals are better positioned to efficiently follow the guidelines and up their security game, protecting not just themselves, but the government’s reputation.
Find the full article on Central Government.