Just like with personal hygiene, cyber hygiene refers to all the proactive steps you take to reduce threats to devices, networks, users, applications, and data.
Cyber hygiene practices can be as simple as ensuring that laptops are running the most up-to-date version of their operating system. Or they can be as complex as automatically patching, blocking, or updating systems.
Cyber hygiene is the ongoing process and discipline required to ensure that all assets adhere to an organization’s security policies and security best practices.
Top 5 Cyber Hygiene Challenges
While the personal hygiene metaphor helps to explain the main idea, the comparison breaks down quickly when looking at the challenges related to cyber hygiene.
Here are just five of the top challenges related to cyber hygiene.
1. Lack of visibility into devices
With personal hygiene, it’s likely that there’s no problem locating the hands that need washing.
But with cyber hygiene, simply having the visibility into all assets is a massive challenge.
The increase in the number and types of devices in our corporate environments has made it difficult to answer the most basic question: How many devices do I have, and are they secure?
Between unmanaged devices, cloud instances, and personal devices that have access to corporate data, simply aggregating a comprehensive cybersecurity asset inventory becomes a challenge.
2. Poor understanding of security solution coverage
Once you’re able to solve the visibility challenge, you can move on to the second cyber hygiene challenge: Understanding security solution coverage.
Organizations spend time, effort, and dollars implementing security and management solutions to address every kind of device and user.
Here are just a few examples. (For a full list, see Axonius Adapters.)
- Endpoint Protection Platforms
- SIEM Solutions
- Cloud Infrastructure
- Mobile Device Management
- DNS Management
- Directory Services
Without understanding where security solutions are both installed and active, coverage gaps exist. Until you can uncover gaps in security solution coverage, good cyber hygiene is impossible.
3. Inability to prioritize vulnerabilities
There will always be vulnerabilities — and it’s highly likely that there will always be more vulnerabilities than resources to address them. This makes prioritization essential when it comes to including vulnerability management as part of a cyber hygiene program.
Understanding which devices have critical vulnerabilities makes it easier to prioritize what needs to be addressed first. Cyber hygiene doesn't necessarily mean to remediate the highest vulnerabilities no matter the device; instead, you use inform vulnerability management using detailed information on each asset.
For instance, there could be a medium vulnerability on an internet-facing device missing endpoint protection. Another device could could have a vulnerability that is neither exploitable or reachable since it is behind a segmented network.
Teams focused on cyber hygiene will likely patch both, but prioritize the device with the medium vulnerability first since the risk is more immediate.
4. User access, PAM, and offboarding
Understanding which users have privileged access, and continually verifying permissions, are also necessary components of any cyber hygiene program.
A few examples of findings that should be part of a cyber hygiene initiative include:
- AD-enabled users with bad configurations – Any user with either a password set to never expire, no pre-authorization required, no password required, etc.
- Users with devices not seen in X days – Any user with a device that hasn’t been active in a given timeframe.
- Admin accounts with old passwords – Any admin user that hasn’t changed a password in a given timeframe.
- Users with bad logins – Users that have tried but failed to log in over the past seven days.
5. Managing Cloud Assets and IoT Devices
Two types of assets have a tendency to trip up cyber hygiene initiatives? Cloud instances and IoT devices.
As more organizations move to the cloud, they often find that the security and management solutions protecting their on-premise and network devices don’t necessarily translate.
One example is the use of vulnerability assessment tools. These scanners do a fantastic job of scanning devices on a network to find which vulnerabilities are present. But the dynamic nature of cloud instances — and their short lifespan — often means that VA tools simply don’t know that a new cloud instance exists, so it’s never scanned.
IoT devices present another challenge to security and IT departments when it comes to cyber hygiene. With thousands of always-on, always-connected devices hitting our networks, these devices are unmanaged and therefore often are not part of security policies.
Overcoming Hygiene Hurdles With Cybersecurity Asset Management
Managing these common challenges that come along with cyber hygiene doesn’t have to feel like a chore.
Leveraging a cybersecurity asset management platform will allow you to understand everything in your environment, see where coverage gaps exist, and take action on remediating those gaps.
What’s more, tools and technology built specifically for cybersecurity enable continuous discovery, meaning ephemeral devices like cloud instances or IoT devices can be identified, understood, and secured the moment they hit your environment.