In recent weeks, the White House held a cybersecurity press briefing with the Deputy National Security Advisor (NSA) for Cyber and Emerging Technologies, who urged "private sector partners to take immediate action to shore up their defenses against potential cyberattacks." This comes after earlier warnings from the White House for heightened awareness surrounding Russian cyberattacks.
The press briefing discussed evolving threat intelligence that Russia is exploring options for potential cyberattacks on the U.S. and its critical infrastructure. The potential malicious cyber activity is thought to be in response to the economic sanctions the U.S. has imposed on Russia. The NSA urged business leaders at all domestic organizations to take action to help protect the services that millions of Americans rely on against Russian state-sponsored malicious cyber activity, stating, "Lock your digital doors."
At this time, everyone must be hyper-aware of the risks.
The White House released a FACT SHEET that outlines urgent steps and long-term best practices for securing organizations. The steps described in the federal fact sheet echo our long-standing best practices to fortify your organization against persistent, evolving cyberthreats.
From The White House Fact Sheet
Below are the individual steps as listed in the fact sheet, along with educational how-to's from our extensive content library. As you will note, none of the urgent and long-term steps suggested are new concepts or recommendations. You may already be familiar with some of these steps or have implemented several of these measures proactively.
EXECUTE WITH URGENCY
- Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system;
  - MFA can block 99% of account compromise attacks if deployed and adopted across the organization. Learn what multi-factor authentication (MFA) is and why it's an effective cybersecurity tool that enhances end-user security and data protection.
- Deploy modern security tools on your computers and devices to continuously look for and mitigate threats;
  - Review this Cloud Security resource covering cybersecurity technologies, best practices, and strategies that protect your small to medium-sized business in the cloud.
- Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors;
  - Patching is critical to network security. It helps your organization stay on top of newly discovered vulnerabilities, keeping you off the hacker's radar. If you are running unsupported operating systems or software, this can introduce a high security risk that may compromise any connected systems.
- Back up your data and ensure you have offline backups beyond the reach of malicious actors;
  - Whether data is corrupted, compromised, or lost, here are data resiliency questions every business leader should ask when thinking about their data backup solutions and recovery needs.
- Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack;
  - Create or revise your business continuity plan (BCP) to continue business operations when disaster strikes your work environment. Then, put your BCP to the test with comprehensive tabletop exercises. Create a disaster scenario in a safe environment to challenge your current plan, and find what works and what doesn’t.
- Encrypt your data so it cannot be used if it is stolen;
  - Encrypting data goes hand-in-hand with an effective data backup and recovery strategy.
- Educate your employees to common tactics that attackers will use over email or through websites, and encourage them to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly;
  - 88% of security incidents are caused by employees’ mistakes. Train and educate your team on the latest cybercriminal techniques at least once a year and build a 'human firewall.'
- Engage proactively with your local FBI field office or CISA Regional Office to establish relationships in advance of any cyber incidents. Please encourage your IT and Security leadership to visit the websites of CISA and the FBI where they will find technical information and other useful resources.
  - You can find your local FBI field office here and CISA Regional Office here. We also recommend you subscribe to and follow the Systems Engineering Blog for the latest information on IT solutions, support, security alerts and bulletins, and more.
LONG-TERM CYBERSECURITY MATURITY
- Build security into your products from the ground up — “bake it in, don’t bolt it on” — to protect both your intellectual property and your customers’ privacy.
  - If you develop software applications in-house or utilize apps from solution providers, understand how security is built into applications, whether in the cloud or on your servers. View Microsoft’s Security Development and Operations Overview as an example. Within your business, employing specific IT security strategies and policies makes a significant difference for leaders looking to create a culture of security within the organization.
- Develop software only on a system that is highly secure and accessible only to those actually working on a particular project. This will make it much harder for an intruder to jump from system to system and compromise a product or steal your intellectual property.
  - Learn about identity and access management (IAM), how its capabilities have evolved, and why IAM is a critical line of defense. IAM is part of a greater Zero Trust strategy that improves your security posture and protects your organization in the cloud.
- Use modern tools to check for known and potential vulnerabilities. Developers can fix most software vulnerabilities — if they know about them. There are automated tools that can review code and find most coding errors before software ships, and before a malicious actor takes advantage of them.
  - Proactive network monitoring helps your organization stay on top of network health and address potential issues before they disrupt productivity and result in costly downtime.
- Software developers are responsible for all code used in their products, including open-source code. Most software is built using many different components and libraries, much of which is open source. Make sure developers know the provenance (i.e., origin) of components they are using and have a “software bill of materials” in case one of those components is later found to have a vulnerability so you can rapidly correct it.
  - It's critical to understand how your vendor builds security into their products. A good vendor management program will help you determine if a vendor is a good fit for your business and assess the potential risks they may bring.
- Implement the security practices mandated in the President’s Executive Order, Improving our Nation’s Cybersecurity. Pursuant to that EO, all software the U.S. government purchases is now required to meet security standards in how it is built and deployed. We encourage you to follow those practices more broadly.
Regardless of sector or industry, it is critical to know your cyber risks and take the necessary steps to reduce the likelihood and impact of a potential compromise. In addition to the above security recommendations, we also encourage organizations to secure cyber liability insurance. While cyber insurance will not prevent an attack, if you do experience a cyber incident, having cyber insurance coverage in place can reduce the financial impact on your organization.
For more information on combating cybercriminal activity, talk with one of our cybersecurity experts here at Systems Engineering. Call 888.624.6737 or email info@systemsengineering.com. Clients, please reach out to your Account Manager directly.