As the nation’s cyber defense agency, CISA helps organizations prepare for, respond to, and mitigate the impact of cyberattacks.
CISA’s Shields Up campaign is a heads-up to every organization—large and small— to adopt a heightened posture when it comes to cybersecurity and protect your most critical assets against disruptive cyber incidents. Important recommended actions to protect your organization include:
Reduce the likelihood of a damaging cyber intrusion
- Validate that all remote access to your organization’s network and privileged or administrative access requires multi-factor authentication.
- Ensure that software is up to date, prioritizing updates that address known exploited vulnerabilities identified by CISA. Details: https://www.cisa.gov/known-exploited-vulnerabilities-catalog/
- Confirm that your IT personnel have disabled all ports and protocols that are not essential for business purposes.
- If you’re using cloud services, ensure that IT personnel have reviewed and implemented strong controls outlined in CISA’s guidance.
- Sign up for CISA’s free cyber hygiene services, including vulnerability scanning, to help reduce exposure to threats.
- Leverage CISA resources at https://www.cisa.gov/resources-tools
Take steps to quickly detect a potential intrusion
- Ensure that cybersecurity/IT personnel are focused on identifying and quickly assessing any unexpected or unusual network behavior. Enable logging to better investigate issues or events.
- Confirm your entire network is protected by antivirus/antimalware software and that signatures in these tools are updated.
- If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic.
Ensure you’re prepared to respond if an intrusion occurs
- Designate a crisis-response team with main points of contact for a suspected cybersecurity incident and roles/responsibilities within your organization, including technology, communications, legal and business continuity.
- Assure availability of key personnel; identify means to provide surge support for responding to an incident.
- Conduct a tabletop exercise to ensure that all participants understand their roles during an incident.
Maximize your organization’s resilience to a destructive cyber incident
- Test backup procedures to ensure that critical data can be rapidly restored if the organization is impacted by ransomware or a destructive cyberattack; ensure that backups are isolated from network connections.
- If using industrial control systems or operational technology, conduct a test of manual controls to ensure that critical functions remain operable if the organization’s network is unavailable or untrusted.
By implementing this guidance, you can make near-term progress toward improving cybersecurity and resilience.
We also recommend a visit to www.StopRansomware.gov – a centralized CISA webpage providing ransomware resources and alerts.
If you’re not confident about how secure or compliant your Voice communications are, TCI can help. Call us today at (703) 321-3030 or GetHelp@tcicomm.com.