BW Cyber wants you to be aware of a recent CISA alert (AA22-110A) – Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure – sent by FINRA.
The alert, issued by CISA jointly with the cybersecurity authorities of Australia, Canada, New Zealand, and the United Kingdom, advised that because of recent economic sanctions on Russia by the U.S., malicious cyber activity is inevitable.
The CISA alert is divided into two sections.
- Section one provides an overview of the Russian actors and the state-sponsored organizations that are capable of carrying out various types of cyberattacks.
- Section two outlines the controls and effective practices firms should implement to prevent issues – steps your organization can take to prepare and respond with a proactive mindset when and if these attacks occur.
FINRA draws our attention to the second section outlining how organizations can prevent, prepare, and respond accordingly to a cyberattack.
- Preventing Cyber Incidents:
  - Prioritize the application of software updates and security patching.
  - Implement strong access management procedures (adding, removing & reviewing access) across all systems including cloud systems.
  - Enforce multi-factor authentication (MFA).
  - Implement network segmentation to separate network segments based on role and functionality.
  - Provide cybersecurity end-user awareness and training.
- Preparing for Cyber Incidents:
  - Create, maintain, and test an incident response plan. Preserve a hard copy of the plan.
  - Maintain encrypted and immutable offline backups.
  - Ensure adequate logging and monitoring capabilities in support of incident investigations.
- Responding to Cyber Incidents:
  - Activate and follow your incident response plan.
  - Immediately isolate all infected systems.
  - Engage third-party expertise and report to appropriate law enforcement or regulatory bodies.
For more information on how BW Cyber, LLC can assist you, please contact us at firstname.lastname@example.org.
- CISA Source: https://www.cisa.gov/uscert/ncas/alerts/aa22-110a
- BW’s Managed Detection and Response – https://www.bwcyberservices.com/services/managed-detection-response/
- BW’s Incident Response and Forensics – https://www.bwcyberservices.com/services/incident-response-forensics/
- BW’s Cybersecurity Risk Assessment – https://www.bwcyberservices.com/services/cybersecurity-risk-assessment/