The Cybersecurity & Infrastructure Security Agency (CISA) publishes timely insights frequently to provide background information on particular cyber threats facing the U.S. The most recent edition of CISA Insights, published last week, highlighted the recent attacks on various entities in the Ukraine as a harbinger of critical new threats facing entities in the U.S.
CISA Insights identified various steps we can take to reduce risk of a compromise including:
- Patching
- User Awareness
- Testing backups
- Reviewing Incident Response protocols
They also pointed readers to their Cyber Hygiene Services. These scanning and testing services help organizations reduce their exposure to threats by taking a proactive approach to mitigating attack vectors. Those services include:
- Vulnerability and WAS scanning
- Phishing tests
- Remote penetration tests
These assessments and tests are free to federal, state, and local government institutions as well as private sector organizations who are part of critical infrastructure. Tego recommends organizations investigate the free services because they are an excellent resource to establish an initial picture of your risk at the moment.
It is a good first step in risk reduction, but the assessments and scans alone are not enough. Tego’s Security, Audit, and Compliance team can work with you to leverage your findings into an actionable plan for reducing risk in a meaningful way. We can also work with you on building an appropriate Incident Response Plan. Contact us today to start the conversation about risk reduction.