News

|

Feeds

|

Email

WALTHAM, Mass., April 19, 2022 /PRNewswire/ -- Aqueduct Technologies, Inc., New England's leading IT solutions provider -- As a result of international tensions that have arisen surrounding the Russia/Ukraine conflict, the Cybersecurity, and Infrastructure Security Agency (CISA) recently released the "Shields Up Advisory", recommending that organizations be on heightened alert.

What exactly does this mean? What actions should we take? Getting started down a path toward applying this information to your environment can feel overwhelming. Not to worry - we can call upon one of our favorite industry terms: Actionable Intelligence.

We need to take the general advice being given and expand on it, so we can do something with it. The best place to begin when interpreting the advisory and your overall security posture is to start with the basics and build a plan.

Below is high-level guidance and resources on critical areas to consider:

    --  Read the full blog for an expanded version of this list
    --  Get a copy of Aqueduct's 2022 Ransomware Playbook

1. Incident Response Handling
Develop an Incident Response Plan. Both NIST and SANS have standardized frameworks, summarized below:

    --  Preparation
    --  Identification (Detection & Analysis)
    --  Containment
    --  Eradication
    --  Recovery
    --  Lessons Learned

Having an action plan will reduce your need to pivot during times of crisis, ensure your strategy is aligned to the highest cybersecurity standards, and significantly improve the availability and integrity of your data and services.

Incident response handling is time-consuming, requiring detailed operational analysis, full-time staff, and ongoing adjustments. Leveraging a Managed Detection and Response solution may be considered to reduce operational overhead and accelerate response times.

2. Authentication & Identity Management

    --  Leverage MFA across the board
    --  Audit AD accounts and MFA policies
    --  Audit cloud service provider Identity and Access Management (IAM)
        ruleset
    --  Implement network segmentation and containment controls with Cisco ISE

3. Network & Infrastructure Security Controls

    --  Audit firewall ruleset
    --  Align firewall ruleset with Next-Generation Firewall (NGFW) architecture
    --  Align VPN topologies to modern cryptographic standards
    --  Audit cloud workflows
    --  Leverage SIEM and NetFlow logging and traffic monitoring
    --  Block browser-based encrypted DNS services
    --  Leverage SaaS tenant controls
    --  Maintain up-to-date software versions across the organization
    --  Conduct regular penetration testing
    --  Conduct regular DR testing
    --  Conduct regular backups and ensure tiered 3-2-1 backup hierarchy

4. Endpoint Protection & Content Filtering

    --  Audit Antivirus/Antimalware solution
    --  Block traffic to/from high-threat geographies
    --  Block proxy and anonymizer services
    --  Leverage URL and content filtering
    --  Leverage endpoint disk encryption
    --  Leverage email encryption and security
    --  Perform routine end-user educational training

View original content to download multimedia:https://www.prnewswire.com/news-releases/4-critical-cybersecurity-areas-you-should-be-focusing-on-now-301527312.html

SOURCE Aqueduct Technologies, Inc.

Email

|

Slashdot

|

Digg

|

Del.icio.us

|

Feeds

RELATED NEWS ARTICLES

Indusface redefines WAAP user experience with industry-first innovations in AppTrana | Mar 28, 2025 EXECUTIVE PRODUCER BRADLEY COOPER'S FILM CAREGIVING TO PREMIERE ON PBS FOR NATIONWIDE BROADCAST JUNE 24 STREAMING BEGINS MAY 27 | Mar 28, 2025 Trend Micro Launches Voice-Enabled ScamCheck Capability to Help Protect Consumers from the Rising Threat of Global Scams | Mar 28, 2025 Splitit Unveils First Fully Embedded White-Label Installment Solution for Shopify Merchants | Mar 28, 2025 /C O R R E C T I O N -- Bell Canada (MTL)/ | Mar 28, 2025 Keeper Security Unveils Latest WearOS App for Seamless Password Management | Mar 28, 2025 Leading Endpoint Protection Solutions for Combatting Cyberthreats Identified in Info-Tech Research Group's New Emotional Footprint Report | Mar 28, 2025 Hornetsecurity named Top Player in Radicati's Secure Email - Market Quadrant 2025 | Mar 28, 2025 Ontinue Research Reveals Ransomware Attacks Surged 132% Despite 35% Drop in Payments | Mar 28, 2025 Identity Theft After a Data Breach? Legal Action May Recover Your Losses | Console & Associates | Mar 28, 2025