3 Common Cybersecurity Remediation Issues

By Brett Powers • July 28, 2021

As your organization works to strengthen its security surrounding its IT infrastructure to meet the requirements of the NIST 800-171 framework, and in anticipation of securing Cybersecurity Maturity Model Certification (CMMC) Maturity Level 3 compliance, a few issues frequently require attention.

Working to address these challenges will raise your company’s Supplier Performance Risk System (SPRS) score. This can be instrumental in demonstrating your commitment to exceptional cybersecurity hygiene to government entities looking to use your products or services. 

 

We’ve found these issues that require remediation at most companies we have assessed.

 

Absence of Documentation

With CMMC looming, a lot of companies are examining their policies, procedures, and standard documentation. At CyberSheath, before we get to the remediation process, we assess where an organization is in terms of compliance readiness. Generally what we find is most companies have very little documentation around what they’re doing and how they’re governing their security controls.

Lack of internal resources can make formulating the appropriate documentation a challenge. While we can craft that documentation, the hard part is getting each company to go through their records and align policies and procedures with their unique organizational practices. What we call best practices do not necessarily translate to being applicable to their business. For example, best practice for an activity timeout could be 10 minutes. However for your business, perhaps it makes sense to extend that time period to 30 minutes. 

 

No Multi-factor Authentication (MFA)

We’ve discovered that most companies either have MFA partially applied or not applied at all. Meaning maybe these entities are using Microsoft 365 and have activated MFA for when they’re logging into that environment. That is not sufficient. Part of the requirement is you need to have multifactor turned on even when you are logging on locally. Meaning when you turn on your laptop and type in a password, you should also have to have a second factor to access your laptop. From what we’ve seen in our assessments, this step almost never happens.

The struggle here may be that additional resources and tools need to be procured, which adds another cost. Also, a lot of the remediation we assist clients with circles back to a culture change being a huge challenge. 

 

Shared Accounts

Perhaps your IT group has one generic, admin user ID with a shared password. While this ID is only assigned to IT, it could be leveraged by multiple people. This practice creates an accountability issue because it becomes difficult to identify exact users. Another example would be a shared computer on the floor of a manufacturing company, used by 10 people. A lot could happen between those 10 users, making it challenging to tell which one of the users performed what tasks or even who executed a potentially malicious act. 

In a similar vein, it’s also relatively common for companies to mistakenly or intentionally provision users accounts that grant individual works outside of management with admin access. It’s pretty easy to see how this could go horribly wrong. While many users do not notice or act on this level of access, it does open up the entity to all sorts of security issues. 

 

If your organization would like assistance in determining their current security posture, including assessing whether or not they need to remediate these common issues, give us a call. We will be happy to work with you to identify compliance gaps, craft a plan to address any issues, and help your company improve its SPRS score. 

CyberSheath Blog

2022 in Review: The CyberSheath Story Expands

This year marked a deluge of messaging about the Cybersecurity Maturity Model Certification (CMMC) and federal contractors were rightfully confused. With our keystone event, CMMC CON, we aimed to set the record straight and offer the best guidance for those in the Defense Industrial Base (DIB).   CMMC CON 2022…

CyberSheath Endorsed by Frost & Sullivan in First Independent Analyst Commentary on CMMC

Independent analyst firms have weighed in with commentary on nearly every discipline of information technology. Security has garnered a large portion of that IT discussion, yet until recently, Cybersecurity Maturity Model Certification (CMMC) compliance has been left out.   Frost & Sullivan changed that by selecting CyberSheath as its preferred…

Be Prepared: CMMC 2.0 Is Coming

Cybersecurity is increasingly important to safeguard your company, your customers, and your partners. We're moving into a global cyber era and we've got to get better at protecting ourselves.   Our adversaries are capitalizing on the lack of security controls in place in the defense industrial base (DIB) and we…

Our Trusted Partners

Tenable Microsoft Siemplify KnowBe4 ConnectWise DUO