As the volatility of the situation in Eastern Europe continues to advance, the Cybersecurity and Infrastructure Security Agency (CISA) has recommended that organizations – large and small – be prepared to detect and disrupt cyberattack activity.
To help guide you on how to protect your business, CISA recommends implementing its Shields Up program. Below is a summary of actions you should be taking right now.
- Enhance your protection against unauthorized access to your systems
- Make sure you are using multi-factor authentication for remote access or administrative access to your network.
- Ensure you have implemented all software updates.
- Disable all ports and protocols that are not essential for your business.
- If you are using cloud services, make sure to review and implement strong controls outlined in CISA’s guidance.
- Sign up for CISA’s free cyber hygiene services, including vulnerability scanning, to help reduce exposure to threats.
- Take steps to quickly detect a potential intrusion
- Be extra vigilant in monitoring for any unexpected or unusual network behavior.
- Confirm your entire network is protected by antivirus/anti-malware software and that signatures in these tools are updated.
- If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic.
- Make preparations to respond if an intrusion occurs
- Designate a crisis-response team and define their roles in the event of suspected cybersecurity incidents. The team should include technology, communications, legal and business continuity.
- Ensure key staff is available to provide support for responding to an incident.
- Conduct an exercise so everyone understands their roles during an incident.
- Maximize your resilience to a cyber incident
- Test backup procedures to ensure your critical data can be rapidly restored in the event of a ransomware or other cyberattack. Make sure your backups are isolated from network connections.
- If using industrial control systems or operational technology, conduct a test of the manual controls to make sure it is operational in case your network is unavailable.
By implementing the steps above, you are taking great strides in making your business more resilient to potential cyberattacks.
SMBs are highly desired targets for cybercriminals
Small and medium size businesses – please don’t think your size reduces your risk – because it doesn’t. If anything, your size makes you a particularly attractive target because cybercriminals don’t think you have the in-house expertise or resources to provide adequate protection. The majority of cyberattacks hit SMBs for that very reason.
If you have any questions about protecting your business, please email firstname.lastname@example.org.
We’re happy to help in any way we can.
Let’s stay safe out there.