An overview of CISA’s IT security recommendations
By Mike Gilmore, Chief Technology Officer
The heightened geopolitical tensions due to Russia’s attack on Ukraine has prompted multiple agencies and regulators to warn businesses of all types to be on the alert and be prepared to respond to potential attacks.
CISA, the Cybersecurity & Infrastructure Security Agency in their recent “SHIELDS UP” notice:
“While there are no specific or credible cyber threats to the U.S. homeland at this time, Russia’s unprovoked attack on Ukraine, which has involved cyber-attacks on Ukrainian government and critical infrastructure organizations, may impact organizations both within and beyond the region. Every organization—large and small—must be prepared to respond to disruptive cyber activity.
CISA recommends all organizations—regardless of size—adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.”
In short, the specifications boil down to this: Formally review your cybersecurity program and make sure it includes the following …
- Air-gapped backups of critical servers and applications
- Patching policies and procedures for Microsoft and other standard applications
- Email security (antivirus, antispam) fully enabled
- Multi-factor Authentication (MFA) in place for remote and administrative access.
- Security Awareness Training for all employees on cyber security threats and procedures, particularly email and spam. Be especially aware of bogus news or charity appeals around the Ukraine situation.
- Regular testing of your backups and recovery procedures
- Scanning for, identifying and fixing vulnerabilities on all network devices on a regular basis
- Restrictions of IT activity and protocols to business requirements
- Network alerts when changes occur or when threats are found
In addition to the above recommendations, I recommend that you stay abreast of the latest security alerts from CISA. You can follow them on social media or subscribe to their email alerts here: https://public.govdelivery.com/accounts/USDHSCISA/subscriber/new?qsp=CODE_RED
If you need additional guidance, contact RESULTS’ Office of Compliance and Security and we will be glad to assess your current IT security posture and make specific recommendations.