Cybersecurity Risks: New CISA Recommendations Following Recent Iran Hostilities
Due to recent events surrounding the increased hostilities between the Islamic Republic of Iran and the United States, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a notification outlining their recommendations to safeguard against a potential state-sponsored cyber-attack.
The notification contains the following recommendations:
1. Adopt a state of heightened awareness. This includes minimizing coverage gaps in personnel availability, more consistently consuming relevant threat intelligence, and making sure emergency call trees are up to date.
2. Increase organizational vigilance. Ensure security personnel is monitoring key internal security capabilities and that they know how to identify anomalous behavior. Flag any known Iranian indicators of compromise and tactics, techniques, and procedures (TTPs) for immediate response.
3. Confirm reporting processes. Ensure personnel knows how and when to report an incident. The well-being of an organization’s workforce and cyberinfrastructure depends on the awareness of threat activity. Consider reporting incidents to CISA to help serve as part of CISA’s early warning system (see Contact Information section below).
4. Exercise organizational incident response plans. Ensure personnel is familiar with the key steps they need to take during an incident. Do they have the access they need? Do they know the processes? Are your various data sources logging as expected? Ensure personnel is positioned to act in a calm and unified manner.
For a more complete overview of their recommendations, please refer to their site;
https://www.us-cert.gov/ncas/alerts/aa20-006a
Many of CISA’s recommendations are simple to address but there are a number of additional tactics that can be employed to increase your security posture and ultimately minimize the impact of a potential cyber-attack to ’s network systems and/or data.
It’s Your Move!
If you have any questions or would like to secure the time to discuss how we can help address this developing threat, please reach out to our team at TSI Support and we'll be happy to help you stay as safe as possible in today's cyberworld.
Vice President Sales & Business Development
Jeremy Louise serves as Technical Support International’s VP of Sales and Business Development. In this role, Jeremy is responsible for all of TSI’s new business and plays a central role in the vision and overall strategic direction at TSI. His personal and professional experience growing up in the family business not only contribute to TSI’s continued success, but its emphasis on understanding SMB needs and the technology solutions needed to accomplish their objectives. Prior to his role as VP Sales, Jeremy earned his MBA from UIBS Belgium and his bachelor’s degree from Hobart College in Geneva NY. When not working with clients helping navigate today’s constantly changing technology landscape, he is out on the water fly fishing.
Cyber Security Policy Starter Kit:
10 Critical Policies That Every Company Should Have in Place
