How to Bolster your Cybersecurity Response Amid Tensions Between Russia and Ukraine
Following the Russian attack on Ukraine, the Cybersecurity & Infrastructure Security Agency (CISA) has recommended that U.S. organizations apply “Shields Up” due to the high probability that we will continue seeing cyberattacks against Ukrainian allied governments and interests. While there have yet to be any credible attacks on the U.S., CISA predicts it is only a matter of time before adversaries leverage cyber-attacks. You can read more details on CISA’s Shields Up directive here.
- Educate your employees and users with cyber training and security awareness. This will prevent social engineering and phishing attacks as your first line of defense. Align clients can leverage our Security Awareness Training.
- Deploy MFA (Multi Factor-Authentication) to as many activities as you can to weed out potential threats. At the very least, validate that remote and administrative access require MFA.
- Patch vulnerable software, prioritizing updates that address the known exploited vulnerabilities identified by CISA.
- Audit which applications and devices are available from the internet and be sure nothing is accessible unnecessarily.
- Create a plan with a designated crisis-response team. Clearly identify the main points of contact including department leads to avoid confusion in the heat of the moment during an incident.
- Test backup procedures to ensure critical data can be recovered quickly in the event of a cyber-attack, and ensure that backups are isolated from network connections.
What We're Doing:
- For Align Managed customers, the Network Operations Team will continue to patch Align IT Suite Platform endpoints in accordance with its normal day to day practices.
- Clients that are leveraging Managed Threat Protection (Guardian endpoint and Guardian network) will have continued 24x7x365 monitoring by our Security Operations Center (SOC) against known and unknown threats in real-time, enabling us to continuously monitor, detect and respond to suspicious activity in your network and safeguard your critical infrastructure from malicious hackers.
Key Takeaways from John Araneo, Managing Director, Align Cybersecurity:
- In times of heightened cyber risks, always start with the fundamentals, by ensuring the core technological, operational and governance controls are in place and being actively administered.
- A model cybersecurity risk management program is, by its nature, both proactive and reactive; the former by way of the various preventative controls (such as data loss prevention, monitoring, access rights and controls and employee education) and the latter manifested through elements such as incident response plans, communication controls and post-breach governance structures.
- Take care in creating and maintaining qualitative, active and meaningful third-party relationships with your IT, compliance and cybersecurity advisors.
- CISA’s “Shields Up” Advisory
- Preventing cybercriminals from infiltrating your network starts with your first line of defense, your staff. Align's clients are better equipped at dealing with current and emerging risks because they have created a robust culture of security through leveraging our Security Awareness Training.
- If you are a managed services customer, familiarize your team with our Service Desk's contact information:
- Email: firstname.lastname@example.org
- (US) Phone: 1-855-482-5446
- Explore more information on Align's Cybersecurity Advisory Practice.
Align’s leading-edge cloud services and robust cybersecurity advisory practice can help safeguard your business from threats like this. It assesses and addresses evolving cybersecurity threats, and allows our clients to create customizable solutions that mitigate risk and compliance burdens while empowering secure, agile, mission-critical services.