CISA SHIELDS UP - DIRECTIVE
CISA has sent out the following directive for companies directing them to be vigilant in their cyber security efforts https://www.cisa.gov/shields-up. We recommend that our customers review the Shields Up Notification and ensure they are doing what they can to protect their organizations. This Shields Up notification is nothing new to Cyber Security leaders. All these recommendations are indicative of any mature security posture.
Small, Medium Business, and local government organizations may not have budgets to have an extremely resilient security program but there are a few recommendations Emagined Security always makes to help a company to the best with the budget they have:
Enable 2 Factor authorization on all email, VPN, and account access where available and consider what you can do to enable these if it’s just with the basic Microsoft or Google licenses already available within the environments
Monitor your Firewalls, ensure you do not have inbound ports that are not necessary for your business, and with most UTM firewalls you can tune your IPS/monitoring to pick up on international attacks.
Block IP addresses for countries where you do not do business
Ensure EDR is running on ALL systems in your environment
Additionally, based on the recent attacks on McDonald’s and NVIDIA, and Ransomware being a moneymaker for terrorist activity and foreign nation-state actors, ensure you have your Endpoint Detection and Response (EDR) programs running on all systems. Many companies believe that installing EDR on critical systems is necessary but do not follow diligence in protecting all their assets with an EDR. Many companies have had compromises that were purchasing EDR but did not deploy it correctly or fully.