The IT Company Blog Series is back with another CIS Control blog! Next up is CIS Control 8.
CIS Control 8 is better known as Malware Defenses. CIS defines control 8 as “controlling the installation, spread, and execution of malicious code at multiple points in the enterprise, while optimizing the use of automation to enable rapid updating of defense, data gathering, and corrective action.”
In the I.T. industry, we have experience and knowledge of just how dangerous malware is. We have written and shared a plethora of blogs within The IT Company’s blog series regarding malware: the effects it has, the dangers it poses, and tactics to protect oneself. CIS Control 8 is designed to protect companies from these dangers.
To truly understand the importance of CIS Control 8, it is vital to understand what malware is and just how dangerous it is. So what exactly is malware? Malware is any type of malicious program or code that is intended to invade computer systems, networks, or other devices. This intrusive code tries to take control of the device. Once the device is infected, the attacker can steal information, encrypt or delete data, hijack functions of the device, and spy on the user’s activity.
As defenses against malware get stronger, malware is also becoming stronger and is being designed to disable those defenses so that it can still get in.
CIS Control 8 is about having malware defenses in place that operate effectively in this complex and dangerous environment. It calls for large-scale automation, rapid updating, and integration with processes such as incident response. CIS encourages having these controls in place for every managed system that is currently active on a company’s network.
There are 8 noted requirements for CIS Control 8, intended to fully arm your malware defenses. Those requirements are:
- Utilizing centrally managed anti-malware software.
- Ensuring all anti-malware software signatures are up to date.
- Enabling operating system anti-exploitation features and deploying anti-exploit technologies.
- Configuring anti-malware scanning of removable media.
- Configuring devices to not auto-run content.
- Centralizing anti-malware logging.
- Enabling DNS Query logging.
- Enabling command-line audit logging.
Each of these requirements should be implemented to best protect against the dangers of malware.
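Several of the requirements above can be spot-checked on a single machine. The following is an added example, not part of the original post or of CIS material: a read-only PowerShell check that assumes a Windows endpoint running Microsoft Defender. The one-day signature threshold and the choice of the DNS client event channel as the DNS query log source are assumptions.

```powershell
# Added example: read-only spot check on one Windows host (assumed platform).
$MaxSignatureAgeDays = 1   # assumed policy threshold, not a figure from the page

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent (policy not configured).
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

function New-Check {
    param([string]$Requirement, [bool]$Pass, [string]$Observed)
    [pscustomobject]@{ Requirement = $Requirement; Pass = $Pass; Observed = $Observed }
}

$policies = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies'
$results  = @()

# Signatures up to date (Microsoft Defender reports signature age in days).
$mp = Get-MpComputerStatus -ErrorAction SilentlyContinue
$sigOk = ($null -ne $mp) -and ($mp.AntivirusSignatureAge -le $MaxSignatureAgeDays)
$sigSeen = if ($mp) { "signature age: $($mp.AntivirusSignatureAge) day(s)" } else { 'Defender status unavailable' }
$results += New-Check 'Anti-malware signatures up to date' $sigOk $sigSeen

# Removable media scanning (Defender skips removable drives when this is $true).
$pref = Get-MpPreference -ErrorAction SilentlyContinue
$usbOk = ($null -ne $pref) -and (-not $pref.DisableRemovableDriveScanning)
$results += New-Check 'Scan removable media' $usbOk "DisableRemovableDriveScanning = $($pref.DisableRemovableDriveScanning)"

# No auto-run: 255 (0xFF) turns AutoPlay off for every drive type.
$autorun = Get-RegValue "$policies\Explorer" 'NoDriveTypeAutoRun'
$results += New-Check 'Devices do not auto-run content' ($autorun -eq 255) "NoDriveTypeAutoRun = $autorun"

# DNS query logging: here, the DNS client operational channel (one possible source).
$dnsLog = Get-WinEvent -ListLog 'Microsoft-Windows-DNS-Client/Operational' -ErrorAction SilentlyContinue
$results += New-Check 'DNS query logging enabled' ([bool]$dnsLog.IsEnabled) "DNS-Client/Operational enabled = $($dnsLog.IsEnabled)"

# Command-line audit logging: adds the command line to process-creation event 4688.
# Process-creation auditing itself must also be on for those events to appear.
$cmdline = Get-RegValue "$policies\System\Audit" 'ProcessCreationIncludeCmdLine_Enabled'
$results += New-Check 'Command-line audit logging enabled' ($cmdline -eq 1) "ProcessCreationIncludeCmdLine_Enabled = $cmdline"

$results | Format-Table -AutoSize
```

The centrally managed software and centralized logging requirements are not covered here, since they depend on the management console and log platform in use rather than on settings of one host.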
The IT Company finds all of the CIS Controls practical and important to your security. However, one of the CIS Controls that we find most critical is Control 8. Malware defense is an area that IT companies have a lot of familiarity with and are passionate about.