Cyber Essentials Section 4 - Malware Protection

The Cyber Essentials is a UK government-backed framework which is designed to assist organisations in protecting themselves against common threats.  The Cyber Essentials provides a basic cyber security foundation that can serve as a stepping stone to a more comprehensive zero-trust approach. The Cyber Essentials is built on 5 key components that, when implemented correctly, can reduce cyber risk.  The five key components are:

1. Firewalls and Boundary Devices
2. Secure Configurations
3. Access Control
4. Malware Protection
5. Patch Management

Tenable has released a series of dashboards, that focuses on each of the five basic technical controls, which organisations can use to help strengthen their defences against the most common cyber threats.

The focus of this dashboard is Section 4 - Malware Protection. Malware threats are one of the most common and damaging cyber threats.  The primary objective is to defend against threats, such as malware, viruses, ransomware, and others.  Section 4 ensures you have an active protection in place for protection.  Active protection helps prevent business disruptions from downtime, and costly recovery efforts.  

Compliance with Section 4  builds trust with customers and suppliers by demonstrating that your organisation takes cyber security seriously. Compliance also assists in meeting contractual and regulatory obligations, and may provide a competitive advantage.

This key component applies to all the following in scope devices: Boundary Firewalls, Desktop Computers, Laptops, Routers, Servers, Iaas, PaaS, and SaaS devices.  Some items to focus on within this key component are:

• Ensuring Anti-Malware software is in use
• Ensuring Anti-Malware software is kept up to date
• Ensuring applications are protected against malware and exploitation

Widgets

• Vulnerabilities Exploitable by Malware Summary - This widget presents a ring chart displaying vulnerabilities that are exploitable by malware, by severity.

• Malware Defenses - CSVv8 - This widget provides organizations with information which specifically measures against the compliance standards related to the Center for Internet Security (CIS), Critical Security Controls, Version 8 (CSCv8) is a prioritized set of safeguards mapped to, and referenced by multiple legal, regulatory, and policy frameworks.

• Hosts with Possibly Out-of-Date Anti-Malware Signatures - This widget utilizes several plugin IDs to determine if anti-malware/antivirus signatures are up-to-date.

• Common Anti-Virus Concerns - This widget focuses on the most common antivirus vendor's vulnerabilities to help prioritize remediation.

• Top 100 Vulnerabilities Exploitable by Malware - The Top 100 Vulnerabilities Exploitable by Malware widget presents the top 100 vulnerabilities that have been identified to be exploitable by malware. 

• Top 100 Malware Vulnerable Hosts - The Top 100 Malware Vulnerable Assets widget provides a list of the top 100 assets with vulnerabilities that are known to be exploitable by malware.