How Puppet Provides Cybersecurity Resilience
Providing cybersecurity resilience is important to Puppet. Here, we share guidance on cybersecurity resilience using Australia as an example.
Table of Contents:
- Why Cybersecurity Resilience Is Important
- Example: Cybersecurity Resilience in Australia
- How to Increase Cybersecurity Resilience
- 8 Ways Puppet Improves Cybersecurity Resilience
Why Cybersecurity Resilience Is Important
You only have to read regular news reports about the multiple outages across household names in banking and financial services, resulting in customers being unable to access their bank accounts, to know that cybersecurity resilience has never been more important and is on every organization’s radar.
The threat of regulatory action, heavy fines, and the potential loss of banking licenses is very real. As a result, companies are investing in their digital infrastructures to prevent data breaches, tech failures, and system outages.
Example: Cybersecurity Resilience in Australia
Maintaining trust and integrity in the financial system is paramount. The Australian Securities and Investments Commission (ASIC) is working with Industry and other Regulators to support enhanced cyber resiliency and security in line with the Government’s commitment to mitigating cybersecurity risks. They are driving industry readiness and compliance with standards set by law reform initiatives and through the use of regulatory tools aimed at improving consumer outcomes.
In my role at Puppet, I regularly meet clients who aim to enhance their technology security posture in response to cyber threats and to remain aligned to Australian Signals Directorate (ASD) guidelines and evolving industry best practices.
The ASD is responsible for foreign signals intelligence, support to military operations, cyber warfare, and information security, and has a long history of cybersecurity excellence. They lead the Australian Government’s efforts to improve cybersecurity to help make Australia an extremely secure place to connect online. Their parent agency is the Department of Defence.
ACSC Essential 8
Based within the ASD is the Australian Cyber Security Centre (ACSC) who have published the Essential Eight, a series of baseline mitigation strategies taken from the Strategies to Mitigate Cyber Security Incidents recommended for organisations. Implementing these strategies as a minimum makes it much harder for adversaries to compromise systems.
The federal government is set to mandate the Essential Eight cybersecurity controls for all 98 non-corporate Commonwealth entities. This is a big deal for anyone in banking and government.
In the 2020-21 financial year, ACSC has responded to 1,630 cybersecurity incidents, and a high proportion of these incidents were categorised as “category four” or “substantial in impact.” ACSC triages cybersecurity incidents based on the severity of impact and extent of compromise using six categories, with “category one” — or incidents that impact national security, essential services and critical infrastructure — being the worst. This is a change from the previous financial years, when the highest proportion was at category five. ACSC have said this was partially due to “obligations to report significant cybersecurity incidents to the ACSC” and “may not necessarily reflect an increased susceptibility.”
How to Increase Cybersecurity Resilience
Cybersecurity is becoming more of a priority for company leaders than ever before. Four in 10 (39%) organisations are putting cybersecurity on their board agendas quarterly, up from 29% in 2020.
With the pandemic and increased remote work contributing to a rise in cyber attacks, it’s more important than ever for IT teams to know what risks their organisations are facing and how to address them correctly. CISOs and other security leaders are struggling with inadequate budgets, regulatory fragmentation, and disconnection with the functions that need them the most. These results are detailed in EY's Global Information Security Survey 2021 (GISS).
Understanding how Puppet adds value to this is becoming the number 1 topic on agendas across my client base. Knowing how crucial this is to my client’s business, I summarise below a high level synopsis of how Puppet hardens the cybersecurity posture of customers.
8 Ways Puppet Improves Cybersecurity Resilience
- Application Control: Puppet restricts user access to reading and executing files as well as controlling what packages are allowed.
- Patch Applications: Puppet knows facts about each node and can determine the difference between an OS or Application patch vs security patch, allowing these to be prioritised. In addition, Puppet can automate the reboot of the service, OS or application, ensuring vulnerabilities are not left behind.
- Configure Microsoft Macro Settings: Puppet provides an auditable control through its single central location, providing a simple and repeatable way of handling a continual compliant state.
- User Application Hardening: Puppet controls the configuration and hardening of applications into a single delivery platform. This allows users to deliver against these controls with the ability to manage huge variations across OS and version types, giving the ability to reuse and redefine as new security controls emerge.
- Restrict Admin Privileges: Puppet regularly reports on any changes to administrative accounts and automatically removes unauthorised changes by reverting back to previously defined configurations.
- Patch Operating Systems: Puppet’s automation capability ensures that only approved patches can be rolled out to an entire fleet regardless of size and variations, taking into account approved change windows with risk mitigations in place that can cancel the patch rollout if specified failure thresholds are hit, with reboots being completed as part of the patch process. This also significantly reduces the time to deploy patches.
- Multi-factor Identification: Puppet helps to ensure the smooth running of third-party MFA solutions by ensuring the infrastructure layer is in a secure and compliant state.
- Regular Back-ups: Puppet stores a backup of the configuration settings for every node, ensuring the infrastructure can be restored quickly post-outage.
Not using Puppet yet? Try Puppet Enterprise today!
Learn More
- The role of Ops in IT Operations security
- Why malware scanning is an important part of security
- Get the IDC Peerscape report on Autonomous Compliance Practices to Enable Resilient Digital Infrastructure
- How Puppet is securing against command injection vulnerabilities