Based on recent activity in the middle-east, MSSP Alert reports on insights from the Cybersecurity and Infrastructure Security Agency (CISA) about potential Iranian attacks on the United States and related infrastructure.
Nine Cybersecurity Questions to Ask
In addition to describing physical security measures, the CISA Insights document outlines a nine-step cyber protection plan. MSSPs and MSPs that follow the plan should ask these nine questions of themselves and their customers, the CISA says:
- Backups: Do we back up all critical information? Are the backups stored offline? Have we tested our ability to revert to backups during an incident?
- Incident Response: Do we have an incident response plan, and have we exercised it?
- Business Continuity: Are we able to sustain business operations without access to certain systems? For how long? Have we tested this?
- Risk Analysis: Have we conducted a cybersecurity risk analysis of the organization?
- Staff Training: Have we trained staff on cybersecurity best practices
- Account Protections: Have we implemented multi-factor authentication and are we minimizing account privileges?
- Vulnerability Scanning and Patching: Have we implemented regular scans of our networks and systems? Do we have an automated patch management program?
- Network Traffic Monitoring: Are we monitoring the network traffic crossing the boundary of critical networks, including industrial control systems?
- Application Whitelisting: Do we allow only approved programs to run on our networks?
MSPs Fighting Cyberattacks: Basic First Steps
To get ahead of cyber threats, MSSP Alert and ChannelE2E have recommended that readers:
- Sign up immediately for U.S. Department of Homeland Security Alerts, which are issued by the Cybersecurity and Infrastructure Security Agency. Some of the alerts specifically mention MSPs, CSPs, telcos and other types of service providers.
- Study the NIST Cybersecurity Framework to understand how to mitigate risk within your own business before moving on to mitigate risk across your customer base.
- Explore cybersecurity awareness training for your business and your end-customers to drive down cyberattack hit rates.
- Connect the dots between your cybersecurity and data protection vendors. Understand how their offerings can be integrated and aligned to (A) prevent attacks, (B) mitigate attacks and (C) recover data if an attack circumvents your cyber defenses.
- Continue to attend channel-related conferences, but extend to attend major cybersecurity events — particularly RSA Conference, Black Hat and Amazon AWS re:Inforce, and MSP-centric cyber events like PerchyCon 2020.
Read the full article here>> https://www.msspalert.com/cybersecurity-news/iran-cyberattack-warning-cisa-guidance/