Top 4 Strategies to Mitigate Targeted Cyber Intrusions
The Canadian Cyber Incident Response Centre (CCIRC) recommends that network administrators implement the following four mitigation strategies, which can prevent as much as 85% of targeted cyber attacks:
Ranking | Mitigation Strategy | Rationale |
---|---|---|
1 | Use application whitelisting to help prevent malicious software and unapproved programs from running. | Application whitelisting is one of the best security strategies as it allows only specified programs to run, while blocking all others, including malicious software. |
2 | Patch applications such as Java, PDF viewers, Flash, web browsers and Microsoft Office. | Vulnerable applications and operating systems are the target of most attacks. Ensuring these are patched with the latest updates greatly reduces the number of exploitable entry points available to an attacker. |
3 | Patch operating system vulnerabilities. | |
4 | Restrict administrative privileges to operating systems and applications based on user duties. | Restricting these privileges may prevent malware from running or limit its capability to spread through the network. |
This list of mitigation strategies has broad international consensus and is considered network cyber security fundamentals. These strategies have been endorsed by the Government of Canada, including CCIRC and the Communications Security Establishment Canada. The “Top 4” also underpin CCIRC's Mitigation Guidelines for Advanced Persistent Threats.
These strategies were originally developed by the Australian Government.
- Date modified: