McAfee Guide to Implementing CESG "Ten Steps to Cyber Security"

Real-time automated and human decision, detection, and analysis systems for resilient cyberdefense

Overview

In order for the government to realise the value it can achieve through digital services, the resilience of systems must be assured and enterprises must improve their capability to defend against continuous cyber assaults.

The "10 Steps to Cyber Security" guidance, produced by the Communications-Electronics Security Group (CESG), the information security arm of the UK Government Communications Headquarters (GCHQ), represents a template for threat prevention capabilities that will help enterprises tangibly improve their cyber defence capacity and the resilience of their digital systems.

McAfee has outlined five measures we believe will help organisations successfully implement the CESG guidance to improve their cyber resilience and security posture.

Key Benefits

  • Develop a successful information security risk management programme
    Incorporating cyber risk factors into business decisions (regarding service assurance or new service deployment) can ensure that security becomes operational in the organisation.
  • Employ baseline secure configurations of system architecture as an essential component of cyber risk management
    Allow easy deployment of additional baseline security controls with McAfee ePolicy Orchestrator (McAfee ePO) software. One of the most important functions in this process is selecting the additional security controls that will harden the system against a variety of threat vectors.
  • Programmatically and effectively combat attack vectors
    Malware is the tool of choice for any cyber attacker and has many potential vectors into an organization. Implementing the McAfee architectural approach, with its foundational products and services, will dramatically reduce an organisation’s overall attack surface.
  • Use McAfee’s “10 Steps to Cyber Security” recommendations to protect both the internal and external network boundaries
    Network security has evolved from simply controlling access to addresses to identifying and controlling application access across multiple security zones of the organisation.
  • Detect or anticipate a security breach
    With the sophistication and persistence of malicious cyber activity, combined with the increasing complexity of security information, detecting or anticipating a security breach requires an organizational monitoring and intelligence strategy, trained specialists, and a 24/7 Security Operations and Intelligence Center.

Partner Solutions

Cyber-Ark Software

Cyber-Ark Privileged Identity Management (PIM) Suite integration for McAfee ePolicy Orchestrator (ePO) software provides near real-time alerts and a view of privileged user activity for critical IT assets — including servers, databases, networking components, and applications — across the data center. This greater visibility enhances situational awareness and incident response.

Fox Technologies

The integration of Fox Technologies (FoxT) solutions with McAfee ePolicy Orchestrator (McAfee ePO) software allows the management of authentication and authorization policies for users with both elevated and normal privileges to servers and applications. The integration also enables the use of McAfee ePO software for both solution deployment and reporting.

Products

Database Security

McAfee Database Activity Monitoring

Boost your overall database security with reliable, real-time protection against external and internal threats across physical, virtual, and cloud environments. McAfee's activity monitoring sensors require no costly hardware or changes to your existing system architecture, giving you an easy-to-deploy, highly scalable database security solution. The sensors immediately detect any kind of unauthorized or malicious behavior and terminate it without significant impact to overall system performance. McAfee Database Activity Monitoring greatly simplifies your database security management and helps ensure compliance with PCI DSS, SOX, HIPAA/HITECH, SAS 70, and many other types of regulations.

McAfee Vulnerability Manager for Databases

Know the exact location and vulnerability level of all your databases. McAfee Vulnerability Manager for Databases gives you complete visibility into your overall database security posture, providing you with a detailed risk assessment across more than 4,700 vulnerability checks. Get clear classification of database security threats into distinct priority levels, fix scripts, and expert remediation recommendations that better prepare your organization for audits and compliance with regulatory mandates.

Email & Web Security

McAfee Web Gateway

McAfee Web Gateway, deployed on-premises with appliances or in a virtual environment, offers powerful, proactive protection against zero-day threats, spyware, and targeted attacks. Web Gateway combines this advanced security with flexible, granular control, enabling your business to take maximum advantage of the web without compromise.

Endpoint Protection

McAfee Application Control

McAfee Application Control software provides an effective way to block unauthorized applications and code on servers, corporate desktops, and fixed-function devices. This centrally managed whitelisting solution uses a dynamic trust model and innovative security features that thwart advanced persistent threats — without requiring signature updates or labor-intensive list management.

McAfee VirusScan Enterprise

McAfee VirusScan Enterprise combines anti-virus, anti-spyware, firewall, and intrusion prevention technologies to stop and remove malicious software. It also extends coverage to new security risks and reduces the cost of responding to outbreaks with the industry’s lowest impact on system performance.

Network Security

McAfee Network Security Platform

McAfee Network Security Platform is a uniquely intelligent security solution that discovers and blocks sophisticated threats in the network. Using advanced threat detection techniques, it defends against stealthy attacks with extreme accuracy at speeds of up to 80 Gbps, while providing rich contextual data about users, devices, and applications for fast, accurate responses to network-borne attacks.

Risk & Compliance

McAfee Policy Auditor

McAfee Policy Auditor automates data gathering and assessment processes required for internal and external system-level IT audits and IT security certification.

McAfee Vulnerability Manager

McAfee Vulnerability Manager, with its McAfee Asset Manager feature, delivers unrivaled scalability and performance, actively or passively canvassing everything on your network.

Security Information and Event Management (SIEM)

McAfee Enterprise Security Manager

McAfee Enterprise Security Manager provides the speed and rich context required to identify critical threats, respond quickly, and easily address compliance requirements. Continuous global threat and enterprise risk feeds deliver adaptive and autonomous risk management, allowing remediation of threats and compliance reporting in minutes instead of hours.

Security Management

McAfee ePolicy Orchestrator

McAfee ePolicy Orchestrator (ePO) is a key component of the McAfee Security Management Platform, and the only enterprise-class software to provide unified management of endpoint, network, and data security. With end-to-end visibility and powerful automations that slash incident response times, McAfee ePO software dramatically strengthens protection and drives down the cost and complexity of managing risk and security.

Services

McAfee Foundstone Strategic Consulting Services

McAfee Strategic Security Services can aid your organization in developing programs based on tried and tested principles. Our consultants work to determine the effectiveness of your existing programs and the desired end state. We then provide a road map to bridge any gaps in a cost-effective manner. Our program development services span a number of functional areas within the larger information security framework.

McAfee Foundstone Practice

McAfee Foundstone guides enterprises of all sizes on the best ways to maintain a strong security posture. Our teams of security experts assess network vulnerabilities, evaluate gaps in information security programs, offer strategies that meet compliance goals, and even help develop programs to prepare for security emergencies. McAfee Foundstone’s range of strategic and technical consulting services ensures businesses learn where they are at risk and build effective solutions to remediate security vulnerabilities.

McAfee Forensics and Malware Analysis

An Incident Response (IR) Program allows you to respond quickly and minimize damage and downtime when attacks and exploits occur. McAfee Foundstone takes a comprehensive and proactive approach to help you cover all the bases.

McAfee Web Application Assessment Model

Foundstone’s capability in secure application development originates with our software and application security service (SASS) consultants, who have performed threat models and source code audits on numerous client applications, as well as their own software.
