4 steps to better security hygiene and posture management
As the old security adage goes, “a well-managed network/system is a secure network/system," and this notion of network and system management is a cybersecurity foundation. Pick any framework (e.g., NIST Cybersecurity framework), international standard (e.g., ISO 27000), best practice (e.g., CIS 20 Critical Controls) or professional certification (e.g., CISSP), and much of the guidelines presented will be about security hygiene and posture management.
Another time-honored colloquialism also comes to mind here: “An ounce of prevention is worth a pound of cure.” From a cybersecurity perspective, all frameworks, standards, and best practices suggest that security strategies start with some fundamentals like an inventory of all assets on the network, hardened configurations, least privilege accounts, system/data classification, rapid vulnerability discovery/remediation, and continuous monitoring. Get these right and...