If you experienced a cyber attack tomorrow, would you be prepared for the aftermath? How would you alert customers if their data was stolen? How would you continue providing products and services to those customers and clean up the mess at the same time? What about the financial cost of a cyber attack?
In light of recent tensions between Iran and the United States, The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert in regards to cybersecurity. Iran’s historic use of cyber attacks as retaliation has led the CISA to recommend action be taken by organizations in order to protect their data (information below is from the CISA alert linked here):
- Adopt a state of heightened awareness. This includes minimizing coverage gaps in personnel availability, more consistently consuming relevant threat intelligence, and making sure emergency call trees are up to date.
- Increase organizational vigilance. Ensure security personnel are monitoring key internal security capabilities and that they know how to identify anomalous behavior. Flag any known Iranian indicators of compromise and tactics, techniques, and procedures (TTPs) for immediate response.
- Confirm reporting processes. Ensure personnel know how and when to report an incident. The well-being of an organization’s workforce and cyber infrastructure depends on awareness of threat activity. Consider reporting incidents to CISA to help serve as part of CISA’s early warning system.
- Exercise organizational incident response plans. Ensure personnel are familiar with the key steps they need to take during an incident. Do they have the access they need? Do they know the processes? Are your various data sources logging as expected? Ensure personnel are positioned to act in a calm and unified manner.
We have helped our customers over the years create a cybersecurity plan in the event of an attack, and prevention is key. Security breaches and cyber attacks most often occur because of employee error or behavior. We educate businesses and teams on things like where threats come from and what they look like, proper mobile device security, and how to prepare the business in the event of an attack. Training employees is your first line of defense.
In addition to training - planning and implementing a solid backup, disaster recovery and business continuity program is key to keeping your business running. We help businesses determine Time to Recovery and Recovery Point Objectives (RPO) to help tailor a solution that allows them to run in the event of server/data loss. So, take some time this new year and plan, prioritize, and audit your cyber security plan. We’re here to help.