Cyber Essentials Section 4 - Malware Protection

The Cyber Essentials is a UK government-backed framework which is designed to assist organisations in protecting themselves against common threats.  The Cyber Essentials provides a basic cyber security foundation that can serve as a stepping stone to a more comprehensive zero-trust approach. The Cyber Essentials is built on 5 key components that, when implemented correctly, can reduce cyber risk.  The five key components are:

1. Firewalls and Boundary Devices
2. Secure Configurations
3. Access Control
4. Malware Protection
5. Patch Management

Tenable has released a series of dashboards, that focuses on each of the five basic technical controls, which organisations can use to help strengthen their defences against the most common cyber threats.

The focus of this dashboard is Section 4 - Malware Protection. Malware threats are one of the most common and damaging cyber threats.  The primary objective is to defend against threats, such as malware, viruses, ransomware, and others.  Section 4 ensures you have an active protection in place for protection.  Active protection helps prevent business disruptions from downtime, and costly recovery efforts.  

Compliance with Section 4  builds trust with customers and suppliers by demonstrating that your organisation takes cyber security seriously. Compliance also assists in meeting contractual and regulatory obligations, and may provide a competitive advantage.

This key component applies to all the following in scope devices: Boundary Firewalls, Desktop Computers, Laptops, Routers, Servers, Iaas, PaaS, and SaaS devices.  Some items to focus on within this key component are:

• Ensuring Anti-Malware software is in use
• Ensuring Anti-Malware software is kept up to date
• Ensuring applications are protected against malware and exploitation

Components

• Exploitable by Malware - Exploitability Matrix - This component is an indicator matrix of exploitable vulnerabilities. 
• Anti-Virus Summary - Outdated Anti-Virus Clients - The Outdated Anti-Virus Clients component can assist organizations in monitoring the network for outdated anti-virus clients.
• Anti-Virus Summary - Malware Protection Compliance Checks - The Malware Protection Compliance Checks component provides a summary of malware protection compliance checks. 
• Exploitable by Malware - Top 100 Malware Vulnerable Hosts - This component provides a host summary of systems with vulnerabilities that are known to be exploitable by malware.