Connect with us

Hi, what are you looking for?

HEADLINES

4 Critical cybersecurity areas you should be focusing on now

Photo by Dan Nelson from Unsplash.com

Aqueduct Technologies, Inc., New England’s leading IT solutions provider — As a result of international tensions that have arisen surrounding the Russia/Ukraine conflict, the Cybersecurity, and Infrastructure Security Agency (CISA) released the “Shields Up Advisory“, recommending that organizations be on heightened alert. 

What exactly does this mean? What actions should we take? Getting started down a path toward applying this information to your environment can feel overwhelming.  Not to worry – we can call upon one of our favorite industry terms: Actionable Intelligence.

We need to take the general advice being given and expand on it, so we can do something with it.  The best place to begin when interpreting the advisory and your overall security posture is to start with the basics and build a plan.

Advertisement. Scroll to continue reading.

Below is high-level guidance and resources on critical areas to consider:

1. Incident Response Handling

Develop an Incident Response Plan. Both NIST and SANS have standardized frameworks, summarized below:

  • Preparation
  • Identification (Detection & Analysis)
  • Containment
  • Eradication
  • Recovery
  • Lessons Learned

Having an action plan will reduce your need to pivot during times of crisis, ensure your strategy is aligned to the highest cybersecurity standards, and significantly improve the availability and integrity of your data and services.

Incident response handling is time-consuming, requiring detailed operational analysis, full-time staff, and ongoing adjustments.  Leveraging a Managed Detection and Response solution may be considered to reduce operational overhead and accelerate response times. 

2. Authentication & Identity Management

Advertisement. Scroll to continue reading.
  • Leverage MFA across the board
  • Audit AD accounts and MFA policies
  • Audit cloud service provider Identity and Access Management (IAM) ruleset
  • Implement network segmentation and containment controls with Cisco ISE

3. Network & Infrastructure Security Controls

  • Audit firewall ruleset
  • Align firewall ruleset with Next-Generation Firewall (NGFW) architecture
  • Align VPN topologies to modern cryptographic standards
  • Audit cloud workflows
  • Leverage SIEM and NetFlow logging and traffic monitoring
  • Block browser-based encrypted DNS services
  • Leverage SaaS tenant controls
  • Maintain up-to-date software versions across the organization
  • Conduct regular penetration testing
  • Conduct regular DR testing
  • Conduct regular backups and ensure tiered 3-2-1 backup hierarchy

4. Endpoint Protection & Content Filtering

  • Audit Antivirus/Antimalware solution
  • Block traffic to/from high-threat geographies
  • Block proxy and anonymizer services
  • Leverage URL and content filtering
  • Leverage endpoint disk encryption
  • Leverage email encryption and security
  • Perform routine end-user educational training

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The attackers used a series of campaigns with novel exploits and customized malware to embed tools to conduct surveillance, sabotage and cyberespionage as well...

HEADLINES

Financial phishing attacks are rapidly increasing in the country as cybercriminals continuously evolve and adapt their tactics, making them sophisticated. The number of attacks...

HEADLINES

A Scale of Harm study by the International Justice Mission revealed that almost half a million Filipino children were trafficked to produce new child...

HEADLINES

Yondu launched an extensive, month-long cybersecurity awareness campaign focused on modern threat detection, incident response, and social engineering defense.

ELECTRONICS

Philips EasyKey partnered with Megaworld and equipped their world-class properties with only the best-in-class smart locks we have on offer, the Philips EasyKey 9300.

HEADLINES

The PLDT wireless unit is also calling on customers to report these messages to Smart’s HULISCAM portal for further action.

HEADLINES

Here are some tips from Sophos for staying secure online during the cybersecurity awareness month.

HEADLINES

While only 21% of hackers believed that AI technologies enhance the value of hacking in 2023, 71% reported it to have value in 2024....

Advertisement