Amid global conflict involving cyberwarfare, U.S. businesses are on high alert about the possibility of a nation-state cyberattack on critical infrastructure. Last month, President Biden issued a stern warning that Russia is conducting “preparatory activity” for destructive cyberattacks and urged the private sector to remain vigilant about potential hacking efforts.
Cybersecurity is a top priority for our country’s leaders who have made it clear that cooperation between the public and private sectors is vital for national security and the prosperity of the U.S. economy. Because of the significant resources and expertise the government is able to dedicate toward cyber research and development, their findings provide a valuable source of education about current best practices in cybersecurity.
Here are three tried-and-tested tips you can use to strengthen your business’s defenses in the face of an intense threat landscape.
1. Take Advantage of Free Resources from CISA
Earlier this year, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a Shields Up alert in response to the Russia-Ukraine war, emphasizing that, “Every organization — large and small — must be prepared to respond to disruptive cyber incidents.” This web page offers useful information businesses across all industries can leverage, including suggested actions for detection, how to respond to a cyber intrusion, and the latest updates and guidance surrounding current events.
Here are a few additional CISA resources I recommend you investigate to bolster your organization’s cybersecurity posture:
- The Known Exploited Vulnerabilities (KEV) Catalog: This is a list of must-fix security flaws threat actors are actively exploiting. While there is a binding directive for federal agencies to patch these flaws within a certain timeframe, it also provides a great way for commercial organizations to start adopting risk-based vulnerability management.
- Cyber Essentials: Comprising six modules that focus on interconnected aspects of cyber readiness, this toolkit is geared toward organizations that don’t already have a high level of cybersecurity maturity.
- Stuff Off Search (SOS): Search engines are an incredibly simple, yet frequently overlooked attack vector threat actors can use to find exposed assets, like IoT devices. The SOS Guide helps organizations identify and remedy these internet-accessible vulnerabilities.
- Ransomware Guide: CISA designed this guide to serve as “a customer centered, one-stop resource with best practices and ways to prevent, protect and/or respond to a ransomware attack.” It is broken down into two parts: a list of Ransomware Prevention Best Practices and a Ransomware Response Checklist.
2. Secure Your Supply Chain
Supply chain cyberattacks have become a serious threat. After all, an organization’s security is only as strong as the weakest link in its supply chain. The recent Okta hack that affected hundreds of the company’s corporate customers is an alarming example of the far-reaching implications of a software supply chain incident. When this type of attack happens to an organization that is part of the federal supply chain, it becomes a matter of national security.
“A confluence of events — whether public instances of severe, brand-impacting breaches or government mandates — has increased the emphasis businesses are placing on understanding the complexity and the breadth of the ecosystem involved in the software supply chain,” said Rebecca Parsons, Chief Technology Officer at Thoughtworks, in reference to these headline-grabbing incidents.
For a better understanding of the growing risks associated with supply chain security, the National Institute of Standards and Technology (NIST) has created a report to share the following best practices for cyber supply chain risk management (C-SCRM):
- Integrate C-SCRM across your organization.
- Establish a formal C-SCRM program that is evaluated and updated in real-time.
- Know your critical suppliers and how to manage them.
- Understand your organization’s supply chain.
- Collaborate with your key suppliers and incorporate them in your supplier risk management program.
- Include key suppliers in your resilience and improvement activities; for instance, include as part of your vendor risk assessment process.
- Constantly and vigorously provide continuous monitoring of your C-SCRM.
- Have a plan for all business operations, not just for what appears to be the most critical parts of your organization’s various functions.
Download NIST’s Key Practices in Cyber Supply Chain Risk Management for detailed guidance on how to effectively execute each of these tips.
3. Zero in on Zero Trust
Zero trust security is another area in which public and private organizations are on the same page — it has become a federal mandate and a commercial best practice. All government agencies are required to adopt zero trust architecture (ZTA) by 2024, and businesses would be well advised to do the same.
Zero trust is a collection of concepts designed with the principle of least privilege for information systems (i.e., restricting access to resources to only the people who need them). It is useful for addressing modern cybersecurity challenges such as:
- Distributed endpoints and users
- Cloud computing and new service layers
- Remote access and monitoring
- Visibility and accountability
While the exact strategy used to implement zero trust is unique and must be custom-tailored to each organization, a few recommendations from the Cloud Security Alliance (CSA) and Microsoft include:
- Incorporate multi-factor authentication (MFA) or continuous authentication.
- Segment your network to prevent hackers from using lateral movement.
- Secure all devices, never allow unpatched endpoints to connect to your network.
- Be selective about defining roles and access controls as part of an official policy.
Lastly, it would be helpful for your organization to refer to NIST 800-207, a publication designed for federal agencies that offers lots of broadly applicable guidance surrounding the core components of zero trust.
Preparation is the Key to Cybersecurity Success
As cyberattacks targeting U.S. organizations continue to grow, it’s best to focus on “preparation, not panic” as CISA Director Jen Easterly recently put it. Free resources, such as those provided by CISA and NIST, provide an excellent starting point for organizations to learn about and execute the fundamentals of modern cybersecurity.
To foster a security culture of continuous improvement, it is also beneficial to leverage the expertise of a third-party firm. A-LIGN’s Ransomware Preparedness Assessment can help your business prepare for a ransomware attack or major cybersecurity event. Our one-of-a-kind service provides a comprehensive review of your infrastructure and processes including a special three-phased approach that involves both assessments and real-world simulations.