Cyber Essentials is a UK government-backed certification scheme that aims to help organisations protect themselves against common cyber threats, such as malware. In order to meet the Cyber Essentials control for malware protection, organisations must implement certain security controls and practices to ensure that their systems are protected against malware.
Here are some steps that organisations can take to meet the Cyber Essentials control for malware protection:
- Implement Anti-Malware Software: One of the most important controls for protecting against malware is to implement anti-malware software. This should include both endpoint protection, as well as server-side protection to detect and prevent malware from running on systems and in the network.
- Regularly Update software: Software vulnerabilities are often exploited by malware, it's important to keep software up-to-date with the latest security patches and fixes to ensure that systems are protected against the latest threats. This is particularly important for operating systems, web browsers, and third-party software that may be installed on systems.
- Block suspicious email attachments: Email is a common vector for malware. Organisations should implement email filtering to block attachments that are known to contain malware or that are otherwise suspicious. Consider using email filtering solution, set a clear email policy and train the users to spot phishing and spam emails.
- Control access to removable media: Malware can also spread via removable media such as USB drives. Organisations should control access to removable media by configuring systems to block the execution of files on removable media or disabling the use of removable media entirely.
- Limit administrative privileges: Malware often requires administrative privileges to run and install, so limiting the number of users who have administrative privileges can help to reduce the risk of malware infections.
- Use a Firewall: A firewall can help to block unauthorised access to systems and network and prevent malware from communicating with command and control servers
- Continuously monitor and improve: Organisations should continuously monitor their systems for signs of malware and respond to infections quickly, incident management protocols must be implemented, and a incident response plan must be in place. In addition, organisations should regularly review their security controls and practices to ensure they are effective and make changes as necessary.By implementing these controls and practices, organisations can meet the Cyber Essentials control for malware protection and reduce the risk of malware infections. However, it's important to remember that cyber-security is an ongoing process and organisations should continuously review and update their controls and procedures to stay up to date with the latest security risks and threats.