Twitter Facebook Google RSS
Homeland Security News 

New Cyber Hygiene Campaign Seeks to Curtail Attacks 


By Stew Magnuson 

Taking five relatively easy and inexpensive steps can prevent 80 percent of attacks by hackers who are attempting to infiltrate company or government computer systems, according to a coalition of organizations involved in cyber security.

The Center for Internet Security and the Council on CyberSecurity, working with the Department of Homeland Security, the National Governors Association and the Governors Homeland Security Advisors Council launched the Cyber Hygiene Campaign in April. Its goal is to help both the public and private sectors to immediately and measurably improve their readiness to defend against the ever-increasing volume of cyber attacks, it said in a statement. 

The five steps are: inventory authorized and unauthorized devices; inventory authorized and unauthorized software; develop and manage secure configurations for all devices; conduct continuous (automated) vulnerability assessment and remediation; and actively manage and control the use of administrative privileges.

“Today, the vast majority of cyber attacks are successful due to failure to implement basic cyber hygiene,” said William Pelgrin, president and CEO of the Center for Internet Security.

Air Force Maj. Gen. Donald Dunbar, National Guard adjutant general of Wisconsin and chairman of the governor’s council, said: “Adopting these recommendations will not make you immune from cyber attack, but will make any network more resistant and resilient.”

The consortium supports DHS’ launch of the critical infrastructure cyber community voluntary program, which is based on the National Institute of Standards and Technology cyber security framework released in February.

Franklin S. Reeder, chairman of the board of the council, said he “believes that all three elements of the cyber ecosystem — people, technology and policy — must be considered together and brought into alignment in order to create a foundation of security practices that are understandable and usable.”

The campaign is working with state governments in hopes that its principles can be practiced by all states. The homeland security council adopted it as a key focal point of its 2014/2015 program agenda and will encourage states to seek funding through the federal Homeland Security grant program to help implement its recommendations.

Dunbar said: “This concept is similar to vaccination against the flu — it is not 100 percent guaranteed, but those who get the shot are much less likely to suffer the flu. We all agree on the problem. What we need is a common sense place to start and this campaign is that first step.”  

Photo Credit: Thinkstock

Reader Comments

Re: New Cyber Hygiene Campaign Seeks to Curtail Attacks

What happened to this program.

James Callaway on 09/08/2015 at 19:49

Submit Your Reader's Comment Below
The content of this field is kept private and will not be shown publicly.
Please enter the text displayed in the image.
The picture contains 6 characters.
*Legal Notice

NDIA is not responsible for screening, policing, editing, or monitoring your or another user's postings and encourages all of its users to use reasonable discretion and caution in evaluating or reviewing any posting. Moreover, and except as provided below with respect to NDIA's right and ability to delete or remove a posting (or any part thereof), NDIA does not endorse, oppose, or edit any opinion or information provided by you or another user and does not make any representation with respect to, nor does it endorse the accuracy, completeness, timeliness, or reliability of any advice, opinion, statement, or other material displayed, uploaded, or distributed by you or any other user. Nevertheless, NDIA reserves the right to delete or take other action with respect to postings (or parts thereof) that NDIA believes in good faith violate this Legal Notice and/or are potentially harmful or unlawful. If you violate this Legal Notice, NDIA may, in its sole discretion, delete the unacceptable content from your posting, remove or delete the posting in its entirety, issue you a warning, and/or terminate your use of the NDIA site. Moreover, it is a policy of NDIA to take appropriate actions under the Digital Millennium Copyright Act and other applicable intellectual property laws. If you become aware of postings that violate these rules regarding acceptable behavior or content, you may contact NDIA at 703.522.1820.

  Bookmark and Share