Way way back in October 2016, the British Signals Intelligence (and much more besides) operation GCHQ gave birth to an industry-facing computer security advisory outfit: the National Cyber Security Centre (NCSC).
Over the last five years we have seen some really excellent advice come out of NCSC, including the Cyber Essentials and Cyber Essentials Plus certification programmes, which are a good starting point for building Cyber Security into the workings of a business, rather than trying to bolt it on the side – often a futile endeavour in our experience.
During the ongoing COVID-19 pandemic, the NCSC has been supporting the NHS to minimise the risk of disruption and very likely deaths, which may well be the outcome of Ransomware or other attacks. These, of course, have been steadily on the rise during the pandemic. One man’s war is another’s opportunity.
You may want to go back and read that last paragraph again, then hide your hats so you don’t have to eat them.
That’s right! One Taxpayer-funded Government body effectively assisting another. Wowser.
As a result of providing this assistance, NCSC has had a very large estate to investigate. Two Meeellion Endpoints, no less. One can only imagine the technical types rubbing their hands with glee at the prospect.
As a result of this work, the NCSC has released a paper about Endpoint configuration management, in this case using Microsoft Defender for Endpoint (formerly known as Defender ATP). This, of course, is used by the NHS, which needs to utilise the major return on investment provided by using the Microsoft stack as far as the licensing allows (and that is often a very long way).
Amongst the most significant of the findings is that Microsoft Defender for Endpoint can be used to identify and report on an estate at massive scale and can then be used effectively to execute best-practice configuration, significantly reducing risk.
It turns out that best-practice configuration is usually not the default configuration. Clearly, from a vendor’s perspective, things should just work straight out of the box, presumably saving on customer whinging and support calls. The downside, of course, is that in order to do this there are many ‘allow everything’ configuration points, and these are very rarely locked down post-deployment.
A more straightforward explanation might be this: ‘How many features of Microsoft Word do you use?’.
This, of course, is a hacker’s playground, responsible for lateral infection time after time.
It is absolutely no coincidence that Tiberium’s two managed service products FROST and MYTHIC are built on a solid onboarding methodology that configures best practice automatically at deployment time, providing pre-deployment, post day one and ongoing security scoring. Our customers have a real-time view and can manage investment and report to the board straight away in days, not months.
It really isn’t as hard as herding Cats. Also, our remediation is automated, as is the adversary’s attack infrastructure.
Furthermore, we have selected the Microsoft stack as our target market. We believe that the time for multiple siloed technology stacks, especially for midsized businesses, is over. The functionality available from Microsoft, when appropriately configured and managed, provides a very high level of protection. And we can prove it.
Please have a read of the NCSC work, a relieving example of the UK Government ‘doing the right thing’. If you want us to show you how we can herd these cats without using up any of the nine lives, please contact us.
Prince, who died five years ago this week, only wrote one song about cats, and it was clearly not at the height of his creativity. Velvet Kitty Cat indeed, Mr Prince.
In the meantime we can make it Cool For your Cats. Call us.
Happy St George’s Day.