News

NSA Official Says 3 Steps Can Thwart Cyberattacks

Computer systems with proper security and network controls should be able to withstand about 80 percent of known cyberattacks, according to a senior National Security Agency (NSA) official.

There are common steps that people can take to bolster computer security and make it more difficult for would-be-hackers to gain access, Richard Schaeffer Jr., the NSA's information assurance director, told the Senate Judiciary Committee's Terrorism and Homeland Security Subcommittee on Tuesday. He identified three measures in particular as being especially effective.

"We believe that if one institutes best practices, proper configurations [and] good network monitoring that a system ought to be able to withstand about 80 percent of the commonly known attack mechanisms against systems today," Schaeffer said in his testimony. "You can actually harden your network environment to raise the bar such that the adversary has to resort to much, much more sophisticated means, thereby raising the risk of detection."

Schaeffer said NSA works directly and indirectly with vendors to develop and distribute configuration guidance for software and hardware. Since 2005, NSA has worked with Microsoft, the U.S. military, the National Institute of Standards and Technology, the Homeland Security Department and the Defense Information Systems Agency to establish consensus on common security configurations for Microsoft operating systems, he said.

For example, Schaeffer said the announcement by Microsoft of the release of Windows 7 was quickly followed by the release of the security configuration guide for the operating system. He said that NSA, in partnership with Microsoft and parts of the Defense Department, was able to enhance Microsoft's operating system security guide without hampering a user's ability to do everyday tasks.

"All this was done in coordination with the product release, not months or years later during the product lifecycle," he said in prepared remarks.

About the Author

Ben Bain is a reporter for 1105 Media.

Featured

  • The Future of Office 365 Pricing

    With a raft of new Office 365 features in the pipeline, Microsoft also seems ready to change the way it bills its subscribers. Will it replicate Azure's pay-per-use model, or will it look like something else entirely?

  • Microsoft Offers 1 Year of Free Windows 7 Extended Security Updates to E5 Licensees

    Microsoft is offering one year of free support under its Extended Security Updates program to Windows 7 users if their organizations have E5 licensing.

  • SQL Server 2019 Licensing: How Much Does It Cost and What's Included?

    Microsoft has clarified the more confusing elements of SQL Server licensing and extended major benefits to customers. The catch is that Software Assurance is required to take advantage of them.

  • What Happens When You Use a Virtual Reality Headset in Space?

    And now for something (almost) completely different, Brien sees how well a HoloLens-like headset weathers the unique conditions of a zero gravity flight.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.