Control 7 Mapping to the NIST Cybersecurity Framework
Hey, everyone, welcome back to the course. So in the last video, we just took a brief overview of control number seven, which again is regarding email and Web browser protections.
In this video, we're just gonna take a look at how that maps up to the NIST Cybersecurity Framework.
Sub-control 7.1 is about ensuring the use of only fully supported browsers and email clients, right? So we don't want someone downloading their Yahoo, right, or creating a shortcut to their Yahoo Mail, or using ProtonMail, for example, if we don't want them to. If we do have those unauthorized, we also don't want them using Firefox or, heavens forbid, Internet Explorer, right? So we don't want them using browsers that we aren't saying they can use, right? So if we tell everybody they have to use Firefox, for example, then we don't want people downloading Google Chrome and using that.
Sub-control 7.2 is disabling unnecessary or unauthorized browser or email client plug-ins. So we just want to make sure that people aren't downloading things that they shouldn't be, or installing things that could be used to exploit our network.
Sub-control 7.3 is limiting the use of scripting languages, specifically in the web browsers and through our email clients, right? So we don't want people just running their own scripts. Just because it makes it easier on them doesn't mean that that's not a vulnerability or an opening, or a potential opening, for someone to come into our network. So we want to make sure we limit that stuff.
Sub-control 7.4 is about maintaining and enforcing network-based URL filters. So again, we want to make sure that you're not going to URLs that you shouldn't be.
Sub-control 7.5 is talking about subscribing to a URL categorization service, really just identifying where people can go. So as an example, I worked for an organization that didn't want anyone to go use Google, right? So you could go search on Google, but you couldn't use Google Docs at all, et cetera. You could check your Gmail, that sort of stuff. And so they went ahead and implemented that. So if you went to google.com, you were fine, right? But if you either clicked on it or tried to type in docs.google.com to go look at Google Docs, you would get a warning and it would block it, right? So that's what we're talking about with these URL things. We just want to block certain places for employees to go, and it really depends on your organization and what you have in place, on where you want to block for your particular employees.
Sub-control 7.6 is talking about logging all URL requests, and really just aggregating those. And so that maps up to NIST Cybersecurity Framework DE.AE-3.
Sub-control 7.7 is talking about the use of DNS filtering services. We just want to basically make sure we know where people are going, right? We don't want them connecting to things they shouldn't be.
Sub-control 7.8 is talking about implementing DMARC for email and enabling receiver-side verification as well. So just making sure that this person actually sent the email, right? This is actually from the legitimate source, or was the email spoofed in some capacity?
Sub-control 7.9 is talking about blocking unnecessary file types. So do people really need to have Adobe Flash file types allowed? Probably not, right? Most people aren't even going to be using Adobe Flash in any capacity. One thing to keep in mind, though, is if you build educational courses through some software out there, there's still some that pushes out the content created as Adobe Flash files. So it really depends on your organization, right? But that's an example where, in most cases, you're gonna be blocking the unnecessary file types.

You can also use things native to Windows, for example, like User Account Control, to block someone from being able to run executables on their machine. So again, it's going back to blocking things that the end user doesn't actually need.
Sub-control 7.10 is sandboxing all email attachments. How many companies actually really do this one, right? They should, because it'd be a great thing to do. But really, what we're seeing with phishing attacks specifically is employees click on the link, right? They download the Excel file that says this is an urgent invoice from overseas that, you know, the CEO needs you to pay, or whatever. And then bam, there's malware on the company systems, right? So this is where we're talking about sandboxing those types of things. And there are various tools in the industry out there that you can use for that, or you can just run your users in some capacity in virtual machines or other sandboxing that you want to do. So just sandboxing those email attachments, so if there is malicious code in them, when the user clicks on them, it doesn't spread throughout the network.
So in this video, we talked about control number seven and how it maps up to the NIST Cybersecurity Framework. Again, control number seven is all around email and web browser protections.

In the next module, we're gonna take a look at control number eight, which is around malware defenses.
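The URL filtering and categorization discussed under sub-controls 7.4 through 7.6 (allow google.com search, block docs.google.com, and log every request) comes down to one decision function applied to each requested URL. The following is an added example written for this page, not code from the course or its instructor. The category map, blocked-category policy and proxy log lines are all constructed for illustration; a real deployment would take categories from the subscribed categorization service. The hostname matching works on whole DNS labels so that a lookalike such as notgoogle.com does not inherit google.com's category, and the hostname is taken from the parsed URL so that a userinfo trick (http://google.com@evil.example/) is classified by the host it actually reaches.

```python
from urllib.parse import urlsplit
import ipaddress

# Constructed category map for this example: hostname suffix -> category.
# The longest matching suffix wins, so docs.google.com is "cloud-docs"
# even though google.com itself is "search".
CATEGORIES = {
    "google.com": "search",
    "docs.google.com": "cloud-docs",
    "drive.google.com": "cloud-docs",
    "mail.google.com": "webmail",
}

# Constructed policy: categories this hypothetical organization blocks.
BLOCKED_CATEGORIES = {"cloud-docs", "webmail"}


def hostname_of(url):
    """Return the lowercase hostname the request actually goes to, or None.

    urlsplit().hostname strips the port and any userinfo, so a lure such as
    http://google.com@evil.example/ resolves to evil.example, not google.com.
    """
    host = urlsplit(url).hostname
    return host.rstrip(".") if host else None


def categorize(host):
    """Longest-suffix match on whole DNS labels (notgoogle.com is not google.com)."""
    labels = host.split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in CATEGORIES:
            return CATEGORIES[candidate]
    return "uncategorized"


def evaluate(url, block_uncategorized=False):
    """Return (decision, category) for a single requested URL."""
    host = hostname_of(url)
    if host is None:
        return "block", "unparseable"
    try:
        ipaddress.ip_address(host)
        # Raw IP literals bypass domain categorization entirely; block them.
        return "block", "raw-ip"
    except ValueError:
        pass
    category = categorize(host)
    if category in BLOCKED_CATEGORIES:
        return "block", category
    if category == "uncategorized" and block_uncategorized:
        return "block", category
    return "allow", category


def process_log(lines):
    """Evaluate constructed proxy log lines of the form '<timestamp> <user> <url>'."""
    results = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        ts, user, url = line.split(" ", 2)
        decision, category = evaluate(url)
        results.append({"ts": ts, "user": user, "host": hostname_of(url),
                        "category": category, "decision": decision})
    return results


# Constructed sample log lines (not real traffic); 192.0.2.10 is a TEST-NET address.
SAMPLE_LOG = [
    "2024-01-01T09:00:00Z alice https://www.google.com/search?q=cis+controls",
    "2024-01-01T09:00:05Z alice https://docs.google.com/document/d/abc123/edit",
    "2024-01-01T09:00:09Z bob https://notgoogle.com/login",
    "2024-01-01T09:00:12Z bob http://google.com@evil.example/update.exe",
    "2024-01-01T09:00:15Z carol http://192.0.2.10/",
]

if __name__ == "__main__":
    for r in process_log(SAMPLE_LOG):
        print(f"{r['ts']} {r['user']:6} {r['decision']:5} {r['category']:13} {r['host']}")
```

Running the block prints one decision per log line. Note that the userinfo lure and the lookalike domain are both allowed here because they are uncategorized; whether uncategorized hosts are allowed or blocked (`block_uncategorized`) is the policy knob that decides how much a categorization service actually protects you.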
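Sub-control 7.8 asks for DMARC with receiver-side verification, which is what actually answers "did this domain really send the email". The following is an added example written for this page, not code from the course or its instructor. It shows the receiver's side of the check: parse the published DMARC TXT record, test whether an SPF-authenticated or DKIM-signed domain is aligned with the From-header domain under strict or relaxed alignment, and derive the disposition (none, quarantine or reject) when nothing aligns. It assumes the SPF and DKIM results have already been computed and that the DMARC record was retrieved from `_dmarc.<organizational domain>`; the organizational domain is simplified to the last two labels (real receivers use the Public Suffix List). All domains and records below are constructed.

```python
# Simplification: the organizational domain is taken as the last two labels.
# Real receivers use the Public Suffix List (example.co.uk would break here).
ORG_DOMAIN_LABELS = 2


def parse_dmarc_record(txt):
    """Parse a DMARC TXT record (as fetched from _dmarc.<domain>) into a tag dict.

    Returns None when the text is not a valid DMARC record: RFC 7489 requires
    v=DMARC1 as the first tag and a p= tag with a known value.
    """
    tags, order = {}, []
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            return None
        key, value = part.split("=", 1)
        key = key.strip().lower()
        tags[key] = value.strip()
        order.append(key)
    if not order or order[0] != "v" or tags["v"].upper() != "DMARC1":
        return None
    if tags.get("p") not in ("none", "quarantine", "reject"):
        return None
    tags.setdefault("adkim", "r")  # relaxed alignment is the default
    tags.setdefault("aspf", "r")
    return tags


def org_domain(host):
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-ORG_DOMAIN_LABELS:])


def aligned(auth_domain, from_domain, mode):
    """Identifier alignment: strict needs an exact match, relaxed the same org domain."""
    a = auth_domain.lower().rstrip(".")
    f = from_domain.lower().rstrip(".")
    if mode == "s":
        return a == f
    return org_domain(a) == org_domain(f)


def dmarc_evaluate(record_txt, from_domain, spf_result, spf_domain, dkim_results):
    """Receiver-side DMARC check.

    from_domain  -- domain of the RFC5322.From header (what the user sees)
    spf_result   -- "pass"/"fail"/... for the RFC5321.MailFrom domain spf_domain
    dkim_results -- list of (result, d= domain) tuples, one per DKIM signature
    Returns {"dmarc": pass|fail|none, "disposition": none|quarantine|reject}.
    """
    rec = parse_dmarc_record(record_txt)
    if rec is None:
        return {"dmarc": "none", "disposition": "none"}  # no policy published
    spf_ok = spf_result == "pass" and aligned(spf_domain, from_domain, rec["aspf"])
    dkim_ok = any(res == "pass" and aligned(d, from_domain, rec["adkim"])
                  for res, d in dkim_results)
    if spf_ok or dkim_ok:
        return {"dmarc": "pass", "disposition": "none"}
    # The record is assumed to have been found at the org domain; sp= then
    # governs mail whose From domain is a subdomain of it.
    policy = rec["p"]
    if from_domain.lower() != org_domain(from_domain) and "sp" in rec:
        policy = rec["sp"]
    return {"dmarc": "fail", "disposition": policy}


if __name__ == "__main__":
    # Constructed scenarios: a legitimate bounce subdomain and a spoofed From.
    record = "v=DMARC1; p=reject; rua=mailto:dmarc@example.test"
    print(dmarc_evaluate(record, "example.test", "pass", "bounce.example.test", []))
    print(dmarc_evaluate(record, "example.test", "pass", "attacker.test",
                         [("pass", "attacker.test")]))
```

The second scenario is the spoofing case from the lecture: SPF and DKIM both pass, but for the attacker's own domain, so neither aligns with the From header and the published p=reject policy applies. Passing SPF or DKIM on its own says nothing about the visible sender; alignment is what DMARC adds.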