Cybersecurity suggestions and directives are continuing to escalate as attacks do as well. Efforts led by President Biden, the CISA, and NSA offer expertise for those in the private and public sectors. This month, data-wiping attacks occurred in Ukraine, leading the US government to continue proceeding with caution. Simultaneously, executive orders that were first signed last May, are expanding for the Defense Department, spy agencies, and contractors.
The attacks in Ukraine included defaced websites and data-wiping malware deployed to corrupt data, causing Windows devices to become inoperable. The CISA’s advice helps combat both data-wiping attacks, as well as ransomware and other network intrusions.
- Utilize 2FA or MFA, the latter, especially for remote access processes.
- Keep your software up-to-date.
- Ensure data is encrypted.
- Disable all ports and protocols not essential to business. (Ask your IT professional about this!)
- Have strong controls on your cloud services, if those are utilized.
- Sign up for CISA’s free cyber hygiene services!
- Have dedicated personnel focusing on identifying unexpected or abnormal network behavior.
- Utilize technology and software that’ll detect security problems.
- Install antivirus/antimalware and keep them up-to-date.
- Test your backup procedures regularly and ensure at least one backup location is isolated from network connections.
- Test software patches prior to installation to ensure they’re secure.
Thankfully, we cover everything (other than the CISA services, hah!) on this list. If your current IT provider or personnel can’t show you these practices are established, let’s talk. We understand the suggestions list seems to only continue to grow, but thankfully many of these are incredibly easy to implement and will protect your company well. You have your business to run though, so let us take care of it. We make IT great, you make your business great.