Shields Up in 2024 – Recommended Cybersecurity Guidance for DC Region Organizations

/0 Comments/in /by

As the nation’s cyber defense agency, CISA helps organizations prepare for, respond to, and mitigate the impact of cyberattacks.

CISA’s Shields Up campaign is a heads-up to every organization—large and small— to adopt a heightened posture when it comes to cybersecurity and protect your most critical assets against disruptive cyber incidents. Important recommended actions to protect your organization include:

Reduce the likelihood of a damaging cyber intrusion

  • Validate that all remote access to your organization’s network and privileged or administrative access requires multi-factor authentication.
  • Ensure that software is up to date, prioritizing updates that address known exploited vulnerabilities identified by CISA. Details: https://www.cisa.gov/known-exploited-vulnerabilities-catalog/
  • Confirm that your IT personnel have disabled all ports and protocols that are not essential for business purposes.
  • If you’re using cloud services, ensure that IT personnel have reviewed and implemented strong controls outlined in CISA’s guidance.
  • Sign up for CISA’s free cyber hygiene services, including vulnerability scanning, to help reduce exposure to threats.
  • Leverage CISA resources at https://www.cisa.gov/resources-tools

Take steps to quickly detect a potential intrusion

  • Ensure that cybersecurity/IT personnel are focused on identifying and quickly assessing any unexpected or unusual network behavior. Enable logging to better investigate issues or events.
  • Confirm your entire network is protected by antivirus/antimalware software and that signatures in these tools are updated.
  • If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic.

Ensure you’re prepared to respond if an intrusion occurs

  • Designate a crisis-response team with main points of contact for a suspected cybersecurity incident and roles/responsibilities within your organization, including technology, communications, legal and business continuity.
  • Assure availability of key personnel; identify means to provide surge support for responding to an incident.
  • Conduct a tabletop exercise to ensure that all participants understand their roles during an incident.

Maximize your organization’s resilience to a destructive cyber incident

  • Test backup procedures to ensure that critical data can be rapidly restored if the organization is impacted by ransomware or a destructive cyberattack; ensure that backups are isolated from network connections.
  • If using industrial control systems or operational technology, conduct a test of manual controls to ensure that critical functions remain operable if the organization’s network is unavailable or untrusted.

By implementing this guidance, you can make near-term progress toward improving cybersecurity and resilience.

We also recommend a visit to www.StopRansomware.gov – a centralized CISA webpage providing ransomware resources and alerts.

If you’re not confident about how secure or compliant your Voice communications are, TCI can help. Call us today at (703) 321-3030 or GetHelp@tcicomm.com.
 

You might also like
Hybrid, Public or Private Cloud Deployments… 5 Questions that Lead to the Right Choice
Managed Infrastructure Solutions… We Make Connecting Your Business Easy
TCI Makes Mitel Access Control Easy - Improve Your Building Security from Your Phone
Keeping Up with Contracts? Engage TCI Before Your Next Auto-Renewal
Make Your Upcoming Move Smoother with TCI Relocation Services
Mobilize Your Enterprise With Mitel's MiVoice 6900 Premium Desk Phones
Adjusting to Work at Home… Small Changes Can Help
Work Arrangements for Reopening… Supporting Hybrid Workers at-Home and in-Office with UC
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *