The Critical Security Controls for Effective Cyber Defense are an internationally recognised baseline standard of information security best practices developed by the Center for Internet Security with input from the UK Centre for the Protection of National Infrastructure (CPNI) and other government and industry bodies from around the world.
In this paper, Avecto examines the controls that directly require the use of proactive endpoint security. Six of the controls directly pertain to privilege management and application control, and we will also outline how content isolation (sandboxing) can be used as an additional line of defense to further protect systems.
The 20 controls presented in the Critical Security Controls (CSC) for Effective Cyber Defense document are intended to help prioritize the implementation of security best practices and to select which of the many technologies, standards, benchmarks and recommendations available today are most effective at improving an organization's security posture.
Prevention is better than cure, but many organizations neglect fundamental security best practices, such as the use of standard user accounts, and instead rely on antivirus and endpoint firewalls as a band-aid. Definition-based AV is increasingly less effective at preventing compromises, whereas in many cases proactive endpoint security can stop even advanced and zero-day exploits.
What follows is an explanation of how proactive endpoint security, such as that provided by Avecto Defendpoint, is essential for achieving the goals set out in the document.
Critical Security Controls requiring proactive endpoint security:
- Controlled use of administrative privileges
- Control access based on the need to know
- Inventory of authorised and unauthorised software
- Secure configurations for hardware and software on mobile devices, laptops, workstations and servers
- Malware defenses
- Application software security