Cyber Essentials Section 4 - Malware Protection

The Cyber Essentials is a UK government-backed framework which is designed to assist organisations in protecting themselves against common threats.  The Cyber Essentials provides a basic cyber security foundation that can serve as a stepping stone to a more comprehensive zero-trust approach. The Cyber Essentials is built on 5 key components that, when implemented correctly, can reduce cyber risk.  The five key components are:

1. Firewalls and Boundary Devices
2. Secure Configurations
3. Access Control
4. Malware Protection
5. Patch Management

Tenable has released a series of reports that focuses on each of the five basic technical controls, which organisations can use to help strengthen their defences against the most common cyber threats.

The focus of this report is Section 4 - Malware Protection. Malware threats are one of the most common and damaging cyber threats.  The primary objective is to defend against threats, such as malware, viruses, ransomware, and others.  Section 4 ensures you have an active protection in place for protection.  Active protection helps prevent business disruptions from downtime, and costly recovery efforts.  

Compliance with Section 4  builds trust with customers and suppliers by demonstrating that your organisation takes cyber security seriously. Compliance also assists in meeting contractual and regulatory obligations, and may provide a competitive advantage.

This key component applies to all the following in scope devices: Boundary Firewalls, Desktop Computers, Laptops, Routers, Servers, Iaas, PaaS, and SaaS devices.  Some items to focus on within this key component are:

• Ensuring Anti-Malware software is in use
• Ensuring Anti-Malware software is kept up to date
• Ensuring applications are protected against malware and exploitation

This report contains the following chapters:

• Executive Summary - The Executive Summary provides several tables displaying an overview of malware protection compliance checks, top 100 malware vulnerable hosts, outdated anti-virus clients, and a malware exploitability matrix. 

• Anti-Virus Details - The Anti-Virus chapter provides a summary table  of the top 10 anti-virus concerns, followed by an iterator providing anti-virus details captured from plugin output.  Details include anti-virus signature information, version information, and information related to the anti-virus installation, as available for each product identified during a scan.

• Malware Details - The Malware Details chapter provides a summary table  of the top 10 malware concerns, followed by an iterator providing detailed information on malware related concerns that have been identified in the environment.  Cross references, and remediation steps are included when available for each identified malware concern.