CISA Recommendations to Protect Against Cyber Threats

Greater sophistication of cyberattacks, along with a rising volume of threats, means US businesses are at a greater risk of being breached today than ever.

In this blog post, we’ll be taking a look at these recommendations and what businesses can do to ensure they are effectively protecting their data infrastructure.

Background

The cybersecurity landscape over the last several years has been growing more volatile for organizations of all sizes.

SMBs, previously not considered valuable targets for cybercriminals, are using greater volumes of data in their operations than ever, including employee and customer personal identifying information (PII), which is especially lucrative for hackers to exploit.

As a result, businesses are seeing increased numbers of attacks targeting their businesses, with substantial breaches affecting many.

*A 2020 report revealed that 55% of organizations had experienced a cyberattack during the year.

With 79% of companies that have been the victim of a cyberattack saying attacks are more sophisticated than ever, it’s unlikely that this is a trend that will abate any time soon.

To combat this, companies must improve their cybersecurity postures in order to adequately defend themselves against modern cyberthreats.

CISA Measures to Protect Against Critical Threats

Here are CISA’s recommendations on how to effectively protect an organization from cyberattack in 2022.

Read on to learn more!

Reduce the likelihood of a damaging cyber intrusion

• Validate that all remote access to the organization’s network and privileged or administrative access requires multi-factor authentication.
• Ensure that software is up to date, prioritizing updates that address known exploited vulnerabilities identified by CISA.
• Confirm that the organization’s IT personnel have disabled all ports and protocols that are not essential for business purposes.
• If the organization is using cloud services, ensure that IT personnel have reviewed and implemented strong controls outlined in CISA's guidance.
• Sign up for CISA's free cyber hygiene services, including vulnerability scanning, to help reduce exposure to threats.

Take steps to quickly detect a potential intrusion

• Ensure that cybersecurity/IT personnel are focused on identifying and quickly assessing any unexpected or unusual network behavior. Enable logging in order to better investigate issues or events.
• Confirm that the organization's entire network is protected by antivirus/antimalware software and that signatures in these tools are updated.
• If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic.

Ensure that the organization is prepared to respond if an intrusion occurs

• Designate a crisis-response team with main points of contact for a suspected cybersecurity incident and roles/ responsibilities within the organization, including technology, communications, legal and business continuity.
• Assure availability of key personnel; identify means to provide surge support for responding to an incident.
• Conduct a tabletop exercise to ensure that all participants understand their roles during an incident.

Maximize the organization’s resilience to a destructive cyber incident

• Test backup procedures to ensure that critical data can be rapidly restored if the organization is impacted by ransomware or a destructive cyberattack; ensure that backups are isolated from network connections.
• If using industrial control systems or operational technology, conduct a test of manual controls to ensure that critical functions remain operable if the organization’s network is unavailable or untrusted.

How Can Organizations Improve Their Cybersecurity?

If you are reading these CISA recommendations and are skeptical about your ability to carry them out, it’s likely because they require dedicated cybersecurity personnel to do so.

One of the primary reasons businesses fall victim to attacks is because they are unable to staff an entire dedicated cybersecurity team that can perform and maintain all the necessary measures needed to ensure a secure network.

Instead, it is often the case that IT staff are left attempting to perform security responsibilities—and understaffed and overworked IT staff at that.

Due to a number of factors—like the skills shortage in the cybersecurity industry—it’s prohibitively expensive for most companies to hire security professionals in-house.

As a consequence, managed security service providers (MSSP) are seen as a viable alternative. MSSPs take care of a business’ security needs for a fixed-fee contract, so you can get on with the day-to-day running of your company.

As an MSSP, DOT Security is well-placed to be your cybersecurity partner and will help strategize, implement, and maintain a security program that protects your data and infrastructure.

With best-in-class tools and industry-leading expertise, DOT Security is the last MSSP partner you will ever need.

For more information, visit our Why DOT? page and discover what we can do for you.