Global insurance broker Marsh has published the latest edition of its four-part cyber resilience report, focusing on key controls to strengthen cyber security.
In its new four-part series, Marsh will explore 12 recommended cybersecurity controls and their characteristics and requirements. For the second part, released this week, Marsh focused on:
- Privileged access management (PAM);
- Endpoint detection and response (EDR); and
- Patch and vulnerability management.
According to the report, PAM is a security technology offering an elevated or “privileged” level of access to protect accounts, credentials, and operations. Unlike “normal” access, privileged access may allow security or maintenance functions, system- or application-wide configuration changes, and the bypassing of established security controls through super user access.
So, what makes this control significant? When it comes to cybersecurity, Marsh explained that humans are often the weakest link. PAM therefore operates on the principle of “least privilege”: users receive only the minimum level of access required to perform their job functions.
The second significant cybersecurity control is EDR, a threat detection and response mechanism for an endpoint – a remote device such as a desktop, laptop, mobile phone, server, or Internet of Things (IoT) device that communicates with an internal network from outside it.
In its report, Marsh emphasised that monitoring endpoints helps detect and stop an attack before it spreads to the wider internal network. Additionally, EDR monitors and records activity on endpoints.
The third recommended cybersecurity control is patch and vulnerability management, a capability to identify vulnerabilities in software and hardware devices that cyberattackers are likely to use to compromise a device and then use it as a platform to compromise the network further.
As organisations always carry a certain level of risk from vulnerabilities in their IT environments, Marsh suggested that a proper patch and vulnerability management function reduces or eliminates the potential for exploitation and involves considerably less time, effort, and money than responding to a cyberattack after the fact.
Marsh claimed that adopting cybersecurity controls has become essential, as many organisations went digital when the COVID-19 pandemic started and more cyberattacks are now expected due to the conflict between Ukraine and Russia.
In the first part of its four-part series, Marsh also focused on three controls:
- Multifactor authentication (MFA) for remote access and privileged or administrator access;
- Email filtering and web security; and
- Secure, encrypted, and tested backups.