As technology consultants and advisors, Anders wanted to take the opportunity to share important information about cybersecurity as organizations around the world are asked to be on a heightened level of alert due to the current conflict between Russia and Ukraine. As of today, news headlines are indicating that America could be the target of escalating cyberattacks so taking the time to be vigilant and alert with cybersecurity best practices is important.
In the United States, the US Cybersecurity and Infrastructure Agency (CISA) has been working continuously to provide updated information on the conflict between Russia and Ukraine. So much so, they launched the “Shield’s Up” initiative to guide organizations to appropriate cybersecurity posture for protecting critical assets.
What does this mean for your organization?
Russian advancements are, both kinetic and cyber. There will certainly be more cyber attacks to come which is why you will find “Shields Up” on the front page of cisa.gov. Their goal is to:
- Reduce the likelihood of a damaging cyber intrusion
- Take steps to quickly detect a potential intrusion
- Ensure that the organization is prepared to respond if an intrusion occurs
- Maximize the organization’s resilience to a destructive cyber incident
Further suggested recommendations that may be a significant help:
- Organizations should block countries through their appliances and services, such as firewalls and Microsoft services. Consider blocking the countries that have no reason to communicate with your organization. For instance, if you are only working in North America, why allow any country outside of the United States, Mexico, or Canada to communicate with the organization’s network? Blocking this access helps put up an appropriate barrier against cyberattacks from other countries.
- If multi-factor authentication has not been enabled, do it now. Also, turn off legacy authentication to prevent circumventing multi-factor authentication.
- Make sure the entire organization is protected by a top-tier antivirus software and is connected to 24x7x365 monitoring of the antivirus software by security professionals.
- Eliminate computer operating systems that are no longer receiving security updates, i.e., Windows 7, Windows XP, Windows Server 2003/2008, or at least disconnect network access to these systems.
- Make sure the incident response plan (IRP) is up to date.
- Check to make sure backups have run successfully and mission-critical items are backed up. Verify a recent copy of backups are air-gapped/completely inaccessible from the network.
- Leadership, if cybersecurity objectives have historically been ignored or discarded, please reconsider support for the objectives.
Implementing a cybersecurity strategy takes a significant amount of resources and continuously evaluating the effectiveness as new threats arise. Even a dedicated in-house IT employee will most likely need assistance with such a large specialized task. Anders Technology offers the tools, training and managed IT services necessary to keep your company protected, now and in the future. Contact an Anders advisor below to discuss your specific needs.