Saturday, January 28, 2023
  • Login
CEO North America
  • Home
  • Business
    • Entrepreneur
    • Industry
    • Innovation
    • Management & Leadership
  • CEO Interviews
  • CEO Life
    • Art & Culture
    • Food
    • Health
    • Travel
    • Environment
  • Opinion
  • News
  • Multimedia
No Result
View All Result
  • Home
  • Business
    • Entrepreneur
    • Industry
    • Innovation
    • Management & Leadership
  • CEO Interviews
  • CEO Life
    • Art & Culture
    • Food
    • Health
    • Travel
    • Environment
  • Opinion
  • News
  • Multimedia
No Result
View All Result
CEO North America
No Result
View All Result

Department Homeland Security: Shields Up

in Industry
Department homeland security: shields up
Share on FacebookShare on Twitter

Every organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety. Over the past year, cyber incidents have impacted many companies, non-profits, and other organizations, large and small, across multiple sectors of the economy.

Notably, the Russian government has used cyber as a key component of their force projection over the last decade, including previously in Ukraine in the 2015 timeframe. The Russian government understands that disabling or destroying critical infrastructure—including power and communications—can augment pressure on a country’s government, military and population and accelerate their acceding to Russian objectives.

While there are not currently any specific credible threats to the U.S. homeland, we are mindful of the potential for the Russian government to consider escalating its destabilizing actions in ways that may impact others outside of Ukraine.

Based on this situation, CISA has been working closely with our critical infrastructure partners over the past several months to ensure awareness of potential threats—part of a paradigm shift from being reactive to being proactive.

Free Cybersecurity Services and ToolsMany critical infrastructure or state, local, tribal, and territorial governments may find it challenging to identify resources for urgent security improvements. CISA has established a catalog of free services from government partners, the open source community, and JCDC companies to assist with this critical need.

Shields Up Guidance for All Organizations

CISA recommends all organizations—regardless of size—adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.

Recommended actions include:

  • Reduce the likelihood of a damaging cyber intrusion
  • Validate that all remote access to the organization’s network and privileged or administrative access requires multi-factor authentication.
  • Ensure that software is up to date, prioritizing updates that address known exploited vulnerabilities identified by CISA.
  • Confirm that the organization’s IT personnel have disabled all ports and protocols that are not essential for business purposes.
  • If the organization is using cloud services, ensure that IT personnel have reviewed and implemented strong controls outlined in CISA’s guidance.
  • Sign up for CISA’s free cyber hygiene services, including vulnerability scanning, to help reduce exposure to threats.

Take steps to quickly detect a potential intrusion

  • Ensure that cybersecurity/IT personnel are focused on identifying and quickly assessing any unexpected or unusual network behavior. Enable logging in order to better investigate issues or events.
  • Confirm that the organization’s entire network is protected by antivirus/antimalware software and that signatures in these tools are updated.
  • If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic.
  • Ensure that the organization is prepared to respond if an intrusion occurs
  • Designate a crisis-response team with main points of contact for a suspected cybersecurity incident and roles/responsibilities within the organization, including technology, communications, legal and business continuity.
  • Assure availability of key personnel; identify means to provide surge support for responding to an incident.
  • Conduct a tabletop exercise to ensure that all participants understand their roles during an incident.
  • Maximize the organization’s resilience to a destructive cyber incident
  • Test backup procedures to ensure that critical data can be rapidly restored if the organization is impacted by ransomware or a destructive cyberattack; ensure that backups are isolated from network connections.
  • If using industrial control systems or operational technology, conduct a test of manual controls to ensure that critical functions remain operable if the organization’s network is unavailable or untrusted.

By implementing the steps above, all organizations can make near-term progress toward improving cybersecurity and resilience. In addition, while recent cyber incidents have not been attributed to specific actors, CISA urges cybersecurity/IT personnel at every organization to review Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure. CISA also recommends organizations visit StopRansomware.gov, a centralized, whole-of-government webpage providing ransomware resources and alerts.

Recommendations for Corporate Leaders and CEOs

Corporate leaders have an important role to play in ensuring that their organization adopts a heightened security posture. CISA urges all senior leaders, including CEOs, to take the following steps:

Empower Chief Information Security Officers (CISO): In nearly every organization, security improvements are weighed against cost and operational risks to the business. In this heightened threat environment, senior management should empower CISOs by including them in the decision-making process for risk to the company, and ensure that the entire organization understands that security investments are a top priority in the immediate term. 

Lower Reporting Thresholds: Every organization should have documented thresholds for reporting potential cyber incidents to senior management and to the U.S. government. In this heightened threat environment, these thresholds should be significantly lower than normal. Senior management should establish an expectation that any indications of malicious cyber activity, even if blocked by security controls, should be reported, as noted in the Shields-Up website, to CISA or the FBI. Lowering thresholds will ensure we are able to immediately identify an issue and help protect against further attack or victims. 

Participate in a Test of Response Plans: Cyber incident response plans should include not only your security and IT teams, but also senior business leadership and Board members. If you’ve not already done, senior management should participate in a tabletop exercise to ensure familiarity with how your organization will manage a major cyber incident, to not only your company but also companies within your supply chain. 

Focus on Continuity: Recognizing finite resources, investments in security and resilience should be focused on those systems supporting critical business functions. Senior management should ensure that such systems have been identified and that continuity tests have been conducted to ensure that critical business functions can remain available subsequent to a cyber intrusion. 

Plan for the Worst: While the U.S. government does not have credible information regarding specific threats to the U.S. homeland, organizations should plan for a worst-case scenario. Senior management should ensure that exigent measures can be taken to protect your organization’s most critical assets in case of an intrusion, including disconnecting high-impact parts of the network if necessary. 

Tags: cyber securityshields up

Related Posts

Sustainable retail
Business

Sustainable Retail

Spotlight on us property and casualty
Industry

Spotlight on US Property and Casualty

What an accelerating secondhand market means for fashion brands and retailers
Industry

What an Accelerating Secondhand Market Means for Fashion Brands and Retailers

Inflation reduction act and renewable energy development: its advantages and limitations
Industry

Inflation Reduction Act and Renewable Energy Development: its Advantages and Limitations

Shell ceo expects more taxes on oil industry to help consumers with energy bills
Industry

Shell CEO Expects More Taxes on Oil Industry to Help Consumers With Energy Bills

Ethereum’s ‘merge’ is a big deal for crypto — and the planet
Business

Ethereum’s ‘Merge’ Is a Big Deal for Crypto — and the Planet

How financial institutions can win the battle for trust
Industry

How financial institutions can win the battle for trust

Five steps to get industries on track for net zero
Environment

Five steps to get industries on track for net zero

Global m&a industry trends: 2022 mid-year update
Industry

Global M&A industry trends: 2022 mid-year update

Zero-based transformation: the big reset
Industry

Zero-based transformation: The big reset

No Result
View All Result

Recent Posts

  • Ford recalls 462,000 vehicles for rear camera display failure
  • US inflation and consumer spending fall for 2 straight months
  • Zoom fatigue finally revives travel for in-person company meetings
  • Fast food fans may face liver damage
  • Food delivery wars: Duke professor says there’s a better way

Recent Comments

    Archives

    Categories

    • Art & Culture
    • Business
    • CEO Interviews
    • CEO Life
    • Editor´s Choice
    • Entrepreneur
    • Environment
    • Food
    • Health
    • Highlights
    • Industry
    • Innovation
    • Issues
    • Management & Leadership
    • Multimedia
    • News
    • Opinion
    • PrimeZone
    • Printed Version
    • Travel
    • Uncategorized

    Meta

    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org

    • CONTACT
    • GENERAL ENQUIRIES
    • ADVERTISING
    • MEDIA KIT
    • DIRECTORY
    • TERMS AND CONDITIONS

    Editorials – stuart.james@ceo-na.com

    Editor-In-Chief – caroline.sposto@ceo-na.com

    Editorials – editorials@ceo-na.com

    Advertising – media@ceo-na.com

    NEW YORK

    110 Wall St.,
    3rd Floor
    New York, NY.
    10005
    USA
    +1 212 432 5800

     

    MEXICO CITY

    Paseo de la Reforma 296,
    Floor 38
    Mexico City
    06600
    MEXICO

    • CONTACT
    • GENERAL ENQUIRIES
    • ADVERTISING
    • MEDIA KIT
    • DIRECTORY
    • TERMS AND CONDITIONS

    Editorials –
    stuart.james@ceo-na.com

    Editor-In-Chief –

    caroline.sposto@ceo-na.com

    Editorials – editorials@ceo-na.com

    Advertising –
    media@ceo-na.com

    NEW YORK

    110 Wall St.,
    3rd Floor
    New York, NY.
    10005
    USA
    +1 212 432 5800

    MEXICO CITY

    Paseo de la Reforma 296,
    Floor 38
    Mexico City
    06600
    MEXICO

    CEO North America © 2022 - Sitemap

    No Result
    View All Result
    • Home
    • Business
      • Entrepreneur
      • Industry
      • Innovation
      • Management & Leadership
    • CEO Interviews
    • CEO Life
      • Art & Culture
      • Food
      • Health
      • Travel
      • Environment
    • Opinion
    • News
    • Multimedia

    © 2023 JNews - Premium WordPress news & magazine theme by Jegtheme.

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In