Wednesday, March 2, 2022

Businesses Must Be Vigilant About Cybersecurity Concerns



Companies are asked to stay vigilant because of the increased cybersecurity issue over the existing situation in Ukraine.

Rising geopolitical tensions in Ukraine and Russia have led to increased cybersecurity concerns. This was exacerbated when Russia mobilized its forces along the border and launched a series airstrike. The invasion saw cyber-attacks on the Ukrainian government, banks, and commercial websites in the weeks that followed.

The United States Cybersecurity & Infrastructure Security Agency has issued guidance to help firms strengthen and protect their cyber programs. This article provides information on the cyber threat and recommends actions to reduce risk for your company.

Steps to take to boost cybersecurity

CISA has issued guidance to organizations on the immediate actions they should take in order to protect their businesses from cyberattacks that escalate due to the conflict in Ukraine. Although the agency has yet to detected any threats, they advise firms to follow their recommendations to stay resilient and prevent future attacks.

Secure access controls

  • Staff should use strong, unique passwords that cannot be shared with other systems.
  • Review any accounts with administrative or privileged access carefully and delete old or unrecognized accounts. Accounts with privileged access or other rights must be managed carefully. Multi-factor authentication (MFA) is recommended where possible. Privilege can be used to access sensitive information or system administration.
  • Validate that remote access to the network of your organization and administrative privileges require MFA.
  • Verify that all ports and protocols not required for business purposes have been disabled by the IT support staff of your organization.

software-patching-300x150.jpgRegularly patch

  • Make sure your users have their desktops, laptops, mobile devices, and other software updated. This includes third-party software like browsers and office productivity suites. Turn on automatic updates if possible. Prioritize updates that address exploited vulnerabilities as identified by CISA. CISA also released a digital catalogue of tools that can be used to help critical infrastructure owners combat rising tensions.
  • Make sure your internet browsers and interfaces are updated for security vulnerabilities.
  • Ensure that all of your critical business systems are patched. Make sure that you have other mitigations in place for any vulnerabilities not yet fixed.

Make sure you test your backups

  • Verify that backups are working properly. To ensure that you are comfortable with the restoration process, test a restore from a backup.
  • Make sure you have an offline backup of your backup. This will ensure that you are always able to access it in case of an attack that causes data loss or changes to the system configuration.
  • Make sure that machine state, as well as any other critical credentials (such private keys or access tokens), are backed up.

network-monitoring-1-300x197.jpgLogging and monitoring

  • Make sure that IT security personnel are focused on quickly assessing and identifying any unusual or unusual network behavior. Allow logging to help you investigate any issues or other events.
  • Know what logs you have, where they are stored and how long they are kept. Ensure that logs are kept at least for one month if possible.
  • When working with Ukrainian organizations, be extra careful to inspect, isolate, and monitor traffic from them; carefully review access controls.

Network security

  • Make sure antivirus software is installed. Also, ensure that signatures are up-to-date and active on all systems.
  • Check to be sure your firewall rules work as they should – especially temporary rules that might have been left in place for a longer period of time.
  • Verify that your records regarding your internet footprint are accurate and current. This includes information such as which IP addresses are used by your system on the internet and which domain names are owned by your company. You should ensure that domain registration data is securely stored in accounts that support multi-factor authentication.
  • Do an external vulnerability scan on your entire internet footprint to ensure that all vulnerabilities have been fixed. Unpatched security vulnerabilities in internet-connected services pose a serious risk.

incident-response-300x256.jpgIncident response planning

To increase operational resilience, identify critical services and systems (banking and power/utilities, communications) to which you can create contingency plans.

Check that your incident response plan includes:

  • Designated crisis-response team with clear roles/responsibilities from members across the organization, including technology, communications, legal, and business continuity.
  • How to respond to an emergency outside of regular office hours and/or when the business system is down.
  • To ensure everyone understands their roles in an incident, conduct a tabletop exercise.
  • To ensure that critical data can quickly be restored in the event of ransomware attacks or other cyber-attacks, test backup procedures.
  • Conduct a test of the operation of industrial control systems and operational technology to verify that critical functions are still available if the network is down or not trusted.

Educate

  • Make sure that all teams within your organization are aware of the situation and the increased threat.
  • It is important that everyone within your organization understands how to report security incidents and why it is important to do so during times of high threat.
  • Boost your company’s IT security with the help of professional IT specialists.

It is a daunting task ensuring your companies cybersecurity systems meet all of the above criteria. SpartanTec in Columbia SC will perform a security audit to ensure your data and employees are secure. Call us today or complete the form to the right and our team of experts will contact you. We look forward to hearing from you. In the meant- stay vigilant.

SpartanTec, Inc.
Columbia, SC 29201
(803) 408-7166
http://manageditservicescolumbia.com/

Serving: Myrtle BeachNorth Myrtle BeachColumbiaWilmingtonFayettevilleFlorence, Charleston

No comments:

Post a Comment