If you do not live completely without a network, you know that the terrible war in Ukraine and the associated geopolitical tensions have sharply intensified cyber attacks and the threat even greater.
The Cybersecurity and Infrastructure Security Agency (CISA) provides guidance to U.S. federal agencies in their fight against cybercrime, and the agency’s advice has proved so valuable that it has been widely accepted by commercial organizations as well.
In February, CISA responded to the current situation by publishing an unusual “SHIELD BREAK!“Warning and advisory. According to CISA,” Every organization – large and small – must be prepared to respond to devastating cyber incidents. “
The announcement from CISA consisted of a series of recommendations to help organizations and individuals reduce the likelihood of a successful attack and limit the damage in the event of the worst. It also contains general tips for C-level leaders, as well as tips on how to respond to ransomware programs in particular.
Breaking SHIELDS UP recommendations
There are many things – more than 20 instructions and recommendations. How much can you really do? Understanding this, we can say that many CISA recommendations are just basic security techniques that everyone should follow in any case. У list of recommendationsthe first two concern the restriction of user privileges and the application of security patches – especially those included in the list of known CISA vulnerabilities. Everyone should do it, right?
CISA further recommends a list of actions for any organization that has been attacked. Again, these tips are fairly simple – quickly identify unexpected network activity, implement anti-malware and anti-virus software, and keep thorough logs. Smart advice, but nothing groundbreaking.
And here’s what – these activities should already be in your organization. There should be no need to “assign” good practice, and the fact that this “official advice” is needed speaks volumes about the overall security situation in companies and organizations around the world.
Implementation of recommendations in practice
The security situation is becoming weak due to lack of technical know-how, resources and lack of strategy. That this is happening is somewhat understandable because, although technology is at the core of the functioning of organizations, it remains true that the provision of technology services is not the primary goal of most companies. If you’re not in the tech sector, of course.
One way to close existing gaps in your practice is to rely on an external partner to help implement items that are beyond your capabilities or available resources … In fact, some requirements are impossible without a partner. For example, if you need to upgrade the end of life system, you will see that the provider no longer provides updates. You will need a security partner to give you these patches.
And fixing is probably the lowest result in a security pipeline – but often fixes aren’t performed consistently, even if it’s very effective and easy to implement. Downtime and maintenance periods are a drawback to fix as well as resource constraints.
The right tools to work with
The easiest step to doing the item is “SHIELDS UP!” it would be to set up a regular cadence fix. guide, even if the fix is complicated. The right tools can help: For some software components, real-time fix technology can do it all. Automated real-time patch tools eliminate the need to schedule downtime or maintenance times because patches are applied without disrupting live workloads.
Automated fix – according to KernelCare Enterprisefor example, it also minimizes the time between patch availability and deployment almost instantly, reducing the risk window to an absolute minimum.
This is just one example of how the right set of cybersecurity tools is critical to successfully responding to an ongoing increased threat. CISA has made solid, effective proposals, but to protect your organization successfully you need the right tools and the right security partners.