In light of current world events, organizations and individuals should be hypervigilant about proactively monitoring for cyber threats and taking extra measures to protect data and assets.
Even under normal circumstances, data and critical infrastructure are vulnerable, and we recommend the following, at a minimum:
- Rigorously follow software maintenance practices for infrastructure and applications. A surprising number of cyber attacks succeed simply because an enterprise isn’t running the latest versions of mission-critical software.
- Be thoughtful about access security. In a world where most or all employees are remote, access points merit extra protection.
- Reduce exposure with multi-factor authentication. Multi-factor authentication (MFA) requires additional verification steps beyond a password, such as a texted authorization code.
- Maintain a “zero trust” environment. Regardless of whether the same person is doing the same task every day, a zero trust environment assumes nothing and ensures that all parties remain vigilant.
- Protect backed-up data. Nearly every enterprise has storage limitations, so this practice requires a comprehensive data maintenance program that complies with changing regulations (according to industry and geography) and allows for proper storage, backup and deletion of data.
- Continually provide and update security training. IT staff and users across the enterprise must be enlisted in the effort. Employees on the front lines, interacting with customers, suppliers, partners and others, are frequently targets of these attacks and must continually be educated about the latest threats so they can identify them and alert the enterprise security team before they are compromised.
Currently, with cyber attacks on U.S. organizations ramping up daily, here is what we know and also recommend:
While there are no specific or credible cyber threats to the U.S. homeland based on world events at this time, some activity may impact organizations both within and beyond world regions experiencing conflict. Every organization—large and small—must be prepared to respond to disruptive cyber activity. Many of the nation’s cyber defense agencies, including CISA (Cybersecurity & Infrastructure Security Agency), stand ready to help organizations prepare for, respond to, and mitigate the impact of cyber attacks. When cyber incidents are reported quickly, organizations such as CISA can use the reported information to offer aid and also enable a warning system to prevent other organizations and entities from falling victim to similar attacks. Using the list provided and guidance from other organizations, I believe we have the foundational resources, guidance, and information that can help us defend our critical digital assets against compromise.