Cyber Hygiene Actions

Hey you all, it's Yoav. Thank you for coming back.

In this post I will tell you how simple hygiene actions (with no additional tools required) can be implemented within your network, preventing digital illness and unnecessary exposure to disruption.

In our previous post, Cyber Hygiene Basics, we saw the similarity between body hygiene and network cyber hygiene. We also realized that the first step towards cleaning our network is mapping. The depth of your mapping will determine your future ability to implement the actions suggested below. We recommend being as detailed as possible; however, we do understand that it consumes time and manpower.

It is highly important to emphasize that hygiene does not require spending money on technology and tools. On the contrary, we believe you should start simple with your existing tools and, only once processes are controlled and stable, consider automation and enforcement.

How do we proceed? By prioritizing our actions.

Prioritizing

Prioritizing is where the organization draws a line between its crucial assets, which eventually make the money, and the additional services that support the money-making process. Since we cannot eliminate all risks, prioritization will segment our assets. Here is how to do it:

  1. Open a new, blank Word file.
  2. Define your most important network assets. List the things that can most negatively impact operations or finance in the case of a breach or a harmful event. Those are the places you will focus on when you act to accomplish the Cyber Hygiene approach.
  3. While doing the above, take into account the biggest, most likely risks to your network. Do so by assessing segments, volumes, shared files and even data vulnerability. Take into account that devices connected to the internet are more vulnerable.
  4. Set priorities for the network areas and devices. Write the most important and sensitive items at the top of the list and the minor ones at the bottom. You can split the list into classification groups and treat each group as an integrated unit to mitigate.
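
The four steps above can be kept in a document or spreadsheet; as an added example (not part of the original post), here is the same ranking in a few lines of Python. The 1-5 rating scales, the +1 likelihood bump for internet-connected assets, the tier cut-offs and the sample inventory are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Assumed scales (not from the post): impact and likelihood are rated 1-5.
INTERNET_BUMP = 1  # assumption: internet-connected assets get +1 likelihood
TIERS = [(15, "critical"), (8, "important"), (0, "minor")]  # assumed cut-offs


@dataclass(frozen=True)
class Asset:
    name: str
    impact: int          # operational/financial damage if breached (step 2)
    likelihood: int      # how likely the risk is (step 3)
    internet_facing: bool = False


def score(asset):
    """Impact x likelihood, with likelihood raised for internet-facing assets."""
    for rating in (asset.impact, asset.likelihood):
        if not 1 <= rating <= 5:
            raise ValueError(f"{asset.name}: ratings must be 1-5")
    bump = INTERNET_BUMP if asset.internet_facing else 0
    return asset.impact * min(5, asset.likelihood + bump)


def tier(asset):
    """Map a score to the first classification group whose floor it reaches."""
    s = score(asset)
    return next(label for floor, label in TIERS if s >= floor)


def prioritize(assets):
    """Return {tier: [names]}, most important first within each group (step 4)."""
    ranked = sorted(assets, key=lambda a: (-score(a), -a.impact, a.name))
    groups = {label: [] for _, label in TIERS}
    for a in ranked:
        groups[tier(a)].append(a.name)
    return groups


# Constructed sample inventory, standing in for the output of the mapping step.
INVENTORY = [
    Asset("billing-db", impact=5, likelihood=2),
    Asset("public-web", impact=4, likelihood=3, internet_facing=True),
    Asset("hr-share", impact=3, likelihood=3),
    Asset("vpn-gateway", impact=5, likelihood=3, internet_facing=True),
    Asset("print-server", impact=1, likelihood=2),
    Asset("guest-wifi", impact=2, likelihood=5, internet_facing=True),
]

if __name__ == "__main__":
    for label, names in prioritize(INVENTORY).items():
        print(f"{label:9} {', '.join(names) or '-'}")
```

Each resulting group can then be handled as one unit, starting from the top of the "critical" list.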

Categorizing network devices and software won’t just help you to get the most important tasks done quickly, it also allows you to better manage the IT and security workloads.

Responding

The ultimate step in the Cyber hygiene methodology is responding. Here are the actions that you can do to secure and reduce the likelihood of a cyber-attack. I divided the list into two categories: permanent actions (more like habits) and actions you should do periodically.

Let’s start with the top five permanent ones:

  1. Enforce password policies – change passwords every 3 months and strive to implement multi-factor authentication (MFA). MFA dramatically decreases the ability to hijack accounts. Also, from others’ experience, alert your users not to use their home passwords at work.
  2. Don’t give access to users that don’t need it – employees who don’t need access to certain servers, information or network areas should NOT have access privileges to them. This will prevent hackers from taking advantage of those permissions to navigate through your network assets and steal whatever data they want.
  3. Encrypt your data – make data stealing more complicated. Now that your data is mapped, at least start with the sensitive data.
  4. Monitor network changes. Enable the logs that indicate changes. Stay tuned.
  5. Change devices’ default password configurations. The first attempt everywhere is to use the defaults. Don’t let anyone fool you: defaults can be changed, even retroactively.

Here are my top five periodical actions to consider:

You can determine the intervals yourself, and you should set up a routine task list to be completed at every interval you determine.

  1. Update anti-virus, software and hardware. Periodically check that the devices you think are being updated actually are. Unfortunately, you may be surprised by what you find.
  2. Install security patches. Obviously, the critical ones.
  3. Restoration tests. Check that you can restore the backups of your core network assets.
  4. Periodical vulnerability assessment. Test your devices’ configuration.
  5. Check your documentation and the device records. Ensure they reflect your current state.

Although it might not be considered hygiene, another important step is employee training.

Eventually, many attacks start with employees who have legitimate access and make mistakes or are manipulated into making them. Teach them to avoid mistakes. Make them understand why a certain action is risky. Guide them on how to act in the digital world. Here are some messages to pass on:

  • Do not share passwords. Make them hard to guess.
  • Your personal devices should not enter the network, unless controls are implemented.
  • Do not click unidentified links and do not open suspicious attachments.
  • What is phishing and how to avoid phishing attempts.
  • Do not install unauthorized software on company assets.

Bottom Line

Implementing Cyber hygiene is not an IT standalone task.

Risks are a business problem, and each organization will deal with them differently. The logic is simple: keep the network as clean as possible, organized and updated. Once that is achieved, you will have fewer problems. If you do have a problem, it will probably be easier to find, analyze and respond to.

I invite you to start implementing cyber hygiene in your organization. If you need assistance or even deeper guidance, we at CST-360 would love to assist. Just contact us.

What are these posts?

These posts are the first of a new series I will write about cyber world fundamentals.

My name is Yoav Berger, and I am an analyst at CST-360. I started a research process on cyber-related topics, and I wish to share what I have learned. Eventually, the goal of these posts is to help anyone who wants to improve their cybersecurity knowledge and to provide fundamental cybersecurity tools that can be applied right away.

by Yoav Berger
