The White House has warned about the potential for Russia to engage in malicious cyber activity against the United States in response to the unprecedented economic sanctions we have imposed. To prepare, the White House, along with the Cybersecurity & Infrastructure Security Agency (CISA), has issued guidance for all organizations, including those in the private sector.
The guidance includes the following 8 security measures:
- Mandate MFA on all devices that have network access
- Ensure all software is patched and up to date
- Deploy security tools on your devices. For example, EDR and antivirus.
- Back up your data in a secure location
- Run exercises and drill your emergency plans
- Encrypt your data
- Train your employees with Security Awareness
- Engage with your local FBI field office or CISA regional office in advance of any cyber incidents
The Details of this Guidance
Here are explanations of each of the 8 security guidelines issued by the White House.
Mandate MFA on all devices that have network access
Multi Factor Authentication, or MFA for short, is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence. An example of MFA is requiring a user to provide a password and code via an SMS message to successfully login to a cloud application.
Ensure all software is patched and up to date
While not all up to date software programs are 100% secure at all times, developers work to ensure that any known security vulnerabilities are secured in their latest software updates. Cybercriminals can exploit these security vulnerabilities in out of date software. That’s why it is vital to ensure that all your devices’ operating systems and software have the latest versions installed.
Deploy security tools on your devices
Ensure that you have Endpoint Detection & Response (EDR) as well as antivirus software on all the devices that have access to your network. Antivirus will scan your devices for any known computer viruses and malware. EDR will protect against unknown threats because they don’t rely on signatures like antivirus solutions do. Additionally, EDR provides visibility into all endpoint activity, which allows for a faster response to threats.
Back up your data in a secure location
A backup and disaster recovery (BDR) plan won’t protect your data from getting into the wrong hands, but it will help you recover better and faster from a cyber attack. For example, if you become the victim of a ransomware attack which holds your data and access hostage, a BDR plan will help you access a copy of your data in another secure location so you can restore your systems and circumvent the demands of the cybercriminal.
Run exercises and drill your emergency plans
It’s a good idea to test your cyber incident response plans. For example, if your data is tied up in a ransomware attack, drill your team on the steps you’ll take to recover. Running exercises will make your team more prepared and less stressed when an actual event happens. After you run your drills, meet with your team to discuss how it went and ideas for improvements.
Encrypt your data
Encryption is the conversion of data from a readable format into an encoded format. Ideally, encrypted data can only be read or processed after it’s been decrypted by authorized parties.
There are encryption solutions for both file storage and sharing.
Train your employees with security awareness
Security awareness training is a training program used by organizations to prevent and mitigate user risk. These programs are designed to help users and employees understand the role they play in helping to combat data breaches. For example, security awareness training can help an employee detect and respond to a phishing email before they unsuspectingly download a virus or give their login credentials over to a cybercriminal.
Engage with your local FBI field office or CISA regional office in advance of any cyber incidents
Reporting cyber incidents is something we are very familiar with as it is a requirement for our clients who provide services for the U.S. Department of Defense. However, it’s still recommended for all types of organizations. Having a contact ready at your local FBI field office or CISA regional office will help you and authorities respond faster and more effectively to cyber attacks.
Where to Get Help
As a cybersecurity service provider specializing in securing DoD contractors’ information systems, we understand that many organizations lack the knowledge and resources to effectively implement the action items from the White House’s cybersecurity guidance.
If your organization is having issues with implementing any of these measures, you might consider hiring a Managed Security Services Provider (MSSP), like SysArc, to help. Our team of cybersecurity professionals will be able to assess your organization’s unique information systems and recommend solutions that secure your organization, while maintaining affordability, efficiency and productivity.
For example, our CMMC compliance solution meets and exceeds the White House’s guidance and is based on the latest cybersecurity controls from the National Institute of Standards and Technology (specifically NIST 800-171) for Department of Defense contractors who store and transmit highly sensitive information.
If you’re a DoD contractor or an organization that is interested in attaining a similarly high level of cybersecurity, contact us today to get a free cybersecurity consultation.