Q: How can system administrators reduce the risk of an attack? What is the best way for them to support the cybersecurity team?
Here are the answers from SecPro community members on how system administrators can reduce cyberattacks.
System administrators can help the cybersecurity team by applying the hardening guidelines that we have provided to them and correctly configuring any device so that it does not generate error events that can mess up our incident detection system (besides reducing the possible attack surface). The system administrators must follow our patch procedure, applying and checking all the patches provided by vendors.
– Danilo, CISO
Tighten your current security system. Your system and all the software your organization uses offer guidelines for maximizing security controls that you should follow. Some are as simple as turning off unnecessary services or using the lowest-privilege settings.
Use patches. All it takes is a tiny hole in your system for hackers to poke their way in. It’s critical to run regular scans of your security system and all software to keep them updated with patches.
Protect outbound data. Just as you protect your system from incoming malware and bots with a firewall, you need to make sure certain data never leaves your system. It’s important to focus on egress filtering to prevent rogue employees or employees making honest mistakes from releasing sensitive data or malicious software from your network.
– Alain, Cloud Architect
What can a systems administrator do to protect against them? Defending systems against unauthorized access. Performing vulnerability and penetration tests. Monitoring traffic for suspicious activity. Configuring and supporting security tools like firewalls, antivirus, and IDS/IPS software.
To reduce the risk, a sysadmin can also assess and manage risks, establish extensive cybersecurity policies, set strict password management rules, secure access to critical systems, separate duties, secure hardware, and deploy a reliable monitoring solution. However, the best way varies case by case.
– Avishek, Data Science
System administrators can help the cybersecurity team by working as a team during pre/post deployment. I believe in the new concept of purple teaming, whereby each department sits down together as one to discuss, elaborate, and share experience regarding the impact of having infrastructure without cybersecurity in mind – not to blame them because they were not cybersecurity aware!
– Maher, First Responder at MSS
The SecPro is a weekly security newsletter to help you stay sharp and upgrade your skills with trending threat insights, practical tutorials, hands-on labs, and useful resources.