Chapter 1: Fundamentals of Windows Security

In recent times, cybersecurity has become a hot topic throughout the world, and even more so with leadership teams and board members of major organizations asking the question: Are we secure? The short answer is no: no one is secure in today’s digital world, and the time has never been more critical to ensure that you are doing everything within your power to protect your organization and its users.

As we continue to receive daily news of breaches throughout the world, it is clear how severe the issue of cybercrime has become. To put it bluntly, we simply need to do a better job of protecting the data that we collect and manage within our organizations today. This isn’t an easy task, especially with the advancement of organized cyber and state-sponsored groups with budgets most likely far exceeding that of most organizations. As security professionals, we need to do our due diligence and ensure we identify all risks within the organization. Once identified, they will need to be addressed or accepted as a risk by leadership.

As a consumer, it is most likely that your data has already been breached, and there’s a chance your account information and passwords are sitting on the dark web somewhere. We need to work with the assumption that our personal data has already been breached and build better barriers around our data and account information. For example, in the US, purchasing identity protection as a service to monitor your identity can serve as an insurance policy if you incur any damages. In addition to this, the ability to place your credit reports on hold to prevent bad actors from opening accounts under your name is another example of a defensive approach that you can take to protect your personal identity.

Important Note

There are many identity protection plans available today; a couple of notable ones include Norton LifeLock (https://www.lifelock.com/) and Aura Identity Guard (https://www.identityguard.com/). For those in the US, you can lock your credit for free online at each of the Credit Bureau’s websites: Experian, Equifax, and TransUnion.

As the cybersecurity workforce continues to evolve and strengthen with more and more talented individuals, we want to help contribute to the importance of securing our data, and we hope this book will provide you with the necessary knowledge to do the right thing for your organization. As you read this book, you will not only learn the technical aspects of securing Windows, but you will also learn what else is necessary to ensure the protection of Windows and those who use it. Protecting Windows has become a lot more than making a few simple configuration changes and installing an antivirus (AV) tool. There is an entire ecosystem of controls, tools, and technologies to help protect your Windows systems and users. This means adopting a layered approach to protecting your devices, taking into consideration the network, applications, infrastructure, hardware, identity, monitoring, auditing, and much more.

As you read through this chapter, you will learn about the broader fundamentals of security and the principles behind the foundation that is needed to protect your Windows environment. Specifically, you will learn about the following topics:

• Understanding the security transformation
• Living in today’s digital world
• Today’s threats
• Ransomware preparedness
• Identifying vulnerabilities
• Recognizing breaches
• Current security challenges
• Focusing on zero trust