With the Russia-Ukraine conflict entering its second month, and dark warnings from the US government about potential retaliatory cyber-attacks from Russian hackers, there’s one US agency that all companies should be familiar with – CISA, the Cybersecurity & Infrastructure Security Agency (cisa.gov). CISA’s ongoing, and increasingly important, mission is to reduce and deter cybersecurity risks across U.S. critical infrastructure.
To help the private sector avoid being hacked, CISA maintains a free, living repository of cybersecurity tools and services that companies can use to analyze and bolster the measures they may already be taking. Here’s the link: https://www.cisa.gov/free-cybersecurity-services-and-tools. For quick reference, the following five foundational measures are ones every company should implement for a strong cybersecurity program. And before you start reading them, here’s a piece of good advice: take these precautions seriously.
- Fix the known security flaws in software. Check the CISA Known Exploited Vulnerabilities (KEV) Catalog for the software used by your organization and, if any of it is listed, update that software to the latest version according to the vendor’s instructions.
- Implement multifactor authentication (MFA). Use multifactor authentication where possible. MFA is a layered approach to securing your online accounts and the data they contain. When you enable MFA in your online services (like email), you must provide a combination of two or more authenticators to verify your identity before the service grants you access.
- Halt bad practices. Take immediate steps to: (1) replace end-of-life software products that no longer receive software updates; (2) replace any system or product that relies on known, default or unchangeable passwords; and (3) adopt MFA (see above) for remote or administrative access to important systems, resources, or databases.
- Sign up for CISA’s Cyber Hygiene Vulnerability Scanning. Register for this service by emailing vulnerability@cisa.dhs.gov. Once initiated, this service is mostly automated and requires little direct interaction. CISA performs the vulnerability scans and delivers a weekly report. After CISA receives the required paperwork, scanning will start within 72 hours and organizations will begin receiving reports within two weeks. Note well: vulnerability scanning helps secure internet-facing systems against weak configurations and known vulnerabilities and encourages the adoption of best practices.
- Get your Stuff Off Search (S.O.S.). While zero-day attacks draw the most attention, less complex exposures to both cyber and physical security are frequently missed. Get your Stuff Off Search, and reduce the internet attack surface that is visible to anyone using web-based search platforms.
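The first measure above, checking your software against the KEV Catalog, is easy to automate, because CISA publishes the catalog as a JSON feed (https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json). The script below is an added example, not CISA’s code or part of the original article: it parses a constructed sample in the shape of that feed, cross-references it against a constructed software inventory, and flags entries whose CISA due date has already passed. The vendor names, product names and CVE IDs in the sample are placeholders, and the `vendor`/`product` inventory fields are an assumed format for your own asset list.

```python
"""Cross-reference a software inventory against the CISA KEV catalog feed.

Added example. The JSON below is a constructed sample that mirrors the
field names of the real KEV feed; every vendor, product and CVE ID in it
is a placeholder, not a real catalog entry.
"""
import json
from datetime import date

SAMPLE_KEV_JSON = """
{
  "title": "CISA Catalog of Known Exploited Vulnerabilities",
  "catalogVersion": "0000.00.00",
  "dateReleased": "2022-03-20T00:00:00.0000Z",
  "count": 3,
  "vulnerabilities": [
    {"cveID": "CVE-0000-00001", "vendorProject": "ExampleVendor",
     "product": "Example Gateway", "vulnerabilityName": "Placeholder flaw 1",
     "dateAdded": "2022-02-10", "shortDescription": "Placeholder entry.",
     "requiredAction": "Apply updates per vendor instructions.",
     "dueDate": "2022-03-10"},
    {"cveID": "CVE-0000-00002", "vendorProject": "ExampleVendor",
     "product": "Example Mail Server", "vulnerabilityName": "Placeholder flaw 2",
     "dateAdded": "2022-03-15", "shortDescription": "Placeholder entry.",
     "requiredAction": "Apply updates per vendor instructions.",
     "dueDate": "2022-04-15"},
    {"cveID": "CVE-0000-00003", "vendorProject": "OtherVendor",
     "product": "Other Router", "vulnerabilityName": "Placeholder flaw 3",
     "dateAdded": "2022-02-01", "shortDescription": "Placeholder entry.",
     "requiredAction": "Apply updates per vendor instructions.",
     "dueDate": "2022-03-01"}
  ]
}
"""

# Constructed inventory in an assumed format: one vendor/product pair per asset.
SAMPLE_INVENTORY = [
    {"vendor": "examplevendor", "product": "example gateway"},
    {"vendor": "ExampleVendor", "product": "Example  Mail Server"},
    {"vendor": "UnrelatedVendor", "product": "Unrelated App"},
]


def _norm(text):
    """Lower-case and collapse whitespace so inventory spelling variations still match."""
    return " ".join(text.lower().split())


def load_kev(feed_text):
    """Parse the feed and return its list of vulnerability entries."""
    return json.loads(feed_text)["vulnerabilities"]


def find_kev_hits(kev_entries, inventory):
    """Return KEV entries whose vendor and product match an inventory item."""
    hits = []
    for item in inventory:
        vendor, product = _norm(item["vendor"]), _norm(item["product"])
        for entry in kev_entries:
            if _norm(entry["vendorProject"]) == vendor and _norm(entry["product"]) == product:
                hits.append({
                    "cveID": entry["cveID"],
                    "vendor": entry["vendorProject"],
                    "product": entry["product"],
                    "dueDate": date.fromisoformat(entry["dueDate"]),
                    "requiredAction": entry["requiredAction"],
                })
    return hits


def overdue(hits, today):
    """CVE IDs among the hits whose CISA remediation due date is already past."""
    return sorted(h["cveID"] for h in hits if h["dueDate"] < today)


def report(feed_text, inventory, today):
    """Summarise which inventory items appear in the catalog and which are overdue."""
    hits = find_kev_hits(load_kev(feed_text), inventory)
    return {"matched": sorted(h["cveID"] for h in hits), "overdue": overdue(hits, today)}


if __name__ == "__main__":
    summary = report(SAMPLE_KEV_JSON, SAMPLE_INVENTORY, date(2022, 3, 20))
    print("Inventory items listed in KEV:", ", ".join(summary["matched"]) or "none")
    print("Past CISA due date:", ", ".join(summary["overdue"]) or "none")
```

To use this against the live catalog, download the feed and pass its text to `report` together with your own inventory and today’s date; the comparison is exact on normalized vendor and product names, so an inventory that records products under different names than CISA uses will need a mapping step first.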