Executive Order

The past few weeks of news headlines have been dominated by ransomware attacks that have crippled private businesses. The attack on Colonial Pipeline shut down hundreds of gas stations along the East Coast, and the hack of JBS temporarily shut down one of the largest producers of meat in the world. In light of these attacks and President Biden’s Executive Order in May, the White House issued a statement from deputy national security advisor for cyber and emerging technology Anne Neuberger. The statement emphasizes that protecting against cyber attacks is not the responsibility of the government alone; the private sector shares that responsibility. To help guide organizations, Neuberger provides a list of immediate actions they can take to better protect themselves against cyber threats. Here are the biggest takeaways from the release.

Start with the Fundamentals

Many businesses are having to undertake rapid change in order to make sure that they are properly protected. This process should begin with implementing the most high-impact practices that are fundamental to any good security plan. President Biden’s executive order gave a list of several practices that are a great place to start for any business.

Multi-factor authentication (MFA) is essential: by requiring more than one form of credential to gain access, it helps prevent compromised credentials from being used to fully infiltrate a system. In fact, further investigation into the Colonial Pipeline attack revealed that MFA would have prevented the initial access point from being opened. Endpoint detection and response (sometimes referred to as XDR) is also imperative, especially as the world has moved toward remote work. This practice hunts for malicious activity coming from any of a system's endpoints and tries to block it before it has the chance to do any real damage. Encryption is also key, as encrypting data makes it unusable for attackers in the case that it is stolen.

Lastly, a skilled security team is of the utmost importance. While this may seem somewhat obvious, many organizations do not give their security team the proper amount of authorization or resources, which severely limits the team’s ability. A good security team with enough resources is the most effective way to actually implement these changes. Ultimately, these practices are the best place to start when implementing a new security setup and cannot be overlooked, no matter how basic they appear to be.

Backups are Essential in the Case of Attack

Oftentimes, businesses that are the victims of ransomware attacks find themselves in an impossible scenario: either they pay the ransom, or they have to go about decrypting the files themselves. Data backups are key in fighting this dilemma. If an organization falls victim to a ransomware attack but has backups in place, it can use those backups to restore its systems to an operational state. However, many organizations do not have backups in place and thus find themselves in the aforementioned scenario when they are attacked with ransomware. The release from the White House asserts that organizations should not only implement backups, but keep them offline and test them regularly. If the backups are online, attackers can get to those files just as easily as they can get to any other files in the system. Keeping the data offline protects it from attackers. By simply having backups in place, organizations can save themselves both time and money if they fall victim to an attack.

Update, Update, Update

This may seem obvious, but updating operating systems is crucial to maintaining security. However, many organizations fail to do so and fall victim because of it. In fact, a large hack of Equifax a couple of years ago that exposed the data of 143 million people would have been entirely avoidable if the company had just updated its systems. Organizations often avoid updating software because their systems are built on the current version of the software and an update could potentially break those systems. This is where a development and operations (DevOps) team comes in and helps with the transition between updates. Updating software and working with a DevOps team is crucial to keeping systems as secure as possible.

Have a Plan and Test It

To prepare for an attack, it is essential to have a plan in place for how your organization will respond. Security teams need to develop an incident response plan built around securing their systems and getting the organization operational again. Additionally, hiring a third-party pen tester provides more of a real-world test of that plan. Pen testers will use many of the same tactics used by hackers in order to test how well your organization is truly prepared for an attack. Planning and testing will help your organization be prepared in the case that an attack does occur.

Segment your Network

Not only do ransomware attacks try to steal data from organizations, but many times they try to seriously disrupt operations. When they do, it is important that the different functions of a business are properly separated so that they cannot all be taken out at once. For example, businesses should separate business and manufacturing functions so that if one goes down, the other can stay up. It is also essential to limit internet access to these networks in order to keep them protected from attacks, and having contingency plans in the case of attack can help your organization regain function faster. Ultimately, separating networks is just another way to make life harder for the attacker.

Don’t Know Where to Start

Corporate Information Technologies can help you navigate the requirements of the Executive Order via our Cyber Security Risk Assessment.

Corporate Information Technologies provides small to mid-market organizations with expert I.T. services including compliance assessment, cybersecurity penetration tests, and comprehensive business continuity planning services. Corporate Information Technologies can help organizations quantify, create, refine, and mitigate the risks presented by business-threatening disasters in whatever form they may be disguised.

Written by: Michael Honrine
