What you need to know and do following the White House's call to act
The White House has issued a cybersecurity warning, stating that the ongoing Russia-Ukraine conflict presents a “critical moment to accelerate our work to improve domestic cybersecurity and bolster our national resilience.” Here's your guide to making sure your organization is covered.
Resources from Automox
Patch and harden your environment
The internet is quickly becoming the fifth domain of warfare worldwide. We're seeing this in real time as the President releases intelligence-driven warnings around cyberattacks. See the President's latest announcement.
The way that we do IT and security must fundamentally shift.
Start with these steps to harden your environment against potential cyberattacks.
In addition to validating all remote access to networks and adopting MFA, make sure software is up-to-date, especially known exploited vulnerabilities.
Put your crisis-response team on notice and identify key points of contact, individual roles, availability to prep for a potential incident.
Make sure ITOps and SecOps are focused on identifying unexpected or unusual network behavior. Monitor and test your systems to make sure critical functions and data are protected in the event of a breach.
The latest developments in the Russia-Ukraine crisis shine extra light on the fact that organizations must strengthen their cyber defenses.
IT and security shoulder the immense task of protecting personal and corporate data, employee productivity, the company's reputation, and much more. Now is a critical time to act with appropriate tools and resources.
You greatly reduce the likelihood of attack by keeping your systems and software updated. Prioritize patching known exploited vulnerabilities, especially those CVEs identified in this Cybersecurity Alert, and then critical and high vulnerabilities that allow for remote code execution or denial-of-service on internet-facing equipment.
See CISA's full list of known vulnerabilitiesAutomation is the best tool to proactively stay ahead of attacks. Most organizations take an average of 102 days to patch systems, but it's become an industry best practice to patch within 24 hours of patch release to keep your organization protected.
Get tips on how to fix vulnerabilities fast with automationPurple teaming is a way for your organization's offensive and defensive security teams (the red and blue teams, respectively) to work together and learn from each other. This exercise can help you build resilience and enhance your ability to stop an attack even when some of your tooling fails to detect or respond to malicious activity.
Learn how to run a purple-teaming exercise to identify security gapsBLOG
Biden's Urgent Call for Heightened Cybersecurity
President Biden states leaders must prioritize IT and security within their organizations to protect against potential cyberattacks.
BLOG
CISA Issues "Shields Up" Guidance for All Organizations
CISA is urging companies to take these measures to reduce exposure and minimize damaging attacks from state-sponsored actors.
BLOG
How to Improve Cyber Resilience
These five factors should top your list of items to consider as you work to improve your organization's cyber resilience.