The Biden Administration has increased its calls for organizations to bolster their cyber defenses.

Cisco Guest Blogger

April 15, 2022


Based on evolving intelligence, President Biden has warned of increased potential of cyberattacks on critical infrastructure in the United States. In this statement, the Biden Administration increased its calls for organizations to bolster their cyber defenses.

We have seen similar warnings before. It’s easy to get jaded or to let down our guard because we have not seen the cyber meltdown that was predicted to coincide with the onset of a kinetic conflict involving top-tier military powers. But, according to Anne Neuberger, the White House’s Deputy National Security Adviser for Cyber and Emerging Technology, this warning is “based on evolving threat intelligence, that the Russian government is exploring options for potential cyberattacks on critical infrastructure in the United States.”

The advice given seems somewhat old hat: Use multi-factor authentication (MFA), log your systems, look at the logs, use encryption, develop emergency contingency plans, test your plans, and patch.

And yet, we are seeing these words and this advice come directly from the president of the United States. This signals two things:

  1. There is a renewed sense of urgency that the nature of the conflict could likely shift into cyber domains.

  2. Far too many systems are still not doing the basics necessary to stave off even fairly unsophisticated attacks.

People around the world are watching the conflict and wondering, “What can I do to help?” The president’s statement gives an answer. It’s not asking anyone to grow victory gardens or collect tin scraps for military hardware. It’s guiding everyone to take basic steps to ensure their computers and network-connected systems are not the next vector of attack in this expanding war. And, based upon this imminent threat, the time to act is now!

Matt Olney of Cisco Talos Intelligence Group posted this series of Tweets on Jan. 24 that will give you some insight into the motivations of the threat advisory. Matt and his team have been fully engaged in Ukraine for a long time, as he details in his blog “Cisco Stands on Guard with our Customers in Ukraine.”

To help shore up cyber defenses, read Bruce Brody’s blog “Left of Boom” Cybersecurity: Proactive Cybersecurity in a Time of Increasing Threats and Attacks, originally posted on Oct. 18, 2021. “Left of boom” refers to actions you can take to protect your organization before a cyber incident. It includes the following advice:

  • Have visibility and control of all assets and actionable metrics to measure cyber risk.

  • Understand what runs the essential business and mission operations and prioritize these high value assets (HVAs).

  • Move to the cloud. The major cloud providers are inherently more secure than almost anything that can be done internally, and they’re getting more secure all the time.

  • Implement multi-factor authentication (MFA) as soon and as efficiently as possible.

  • Put controls in place to secure the supply chain and require a software bill of materials (SBOM) from suppliers.

  • Put controls in place to protect against insider threat.

  • Reduce the attack surface and manage the endpoints.

  • Run very good anti-malware continuously, and make sure all systems are patched and updated continuously.

  • Back up all critical data at least daily.

  • Build out a Zero Trust Architecture (ZTA), and adopt a “Zero Trust or Bust” practice.

  • Cyber insurance is not the answer! You need the proper controls with or without it.

  • Build for cyber resiliency–it offers the best chance for achieving mission and business goals in the face of increasingly sophisticated cyberattacks.

Bruce also highlights several frameworks that offer great guidance for making your cyber decisions. They include the NIST Cybersecurity Framework (CSF), MITRE ATT&CK and MITRE D3FEND, ISO 27001, and the Center for Internet Security (CIS) 20 Critical Controls.

Bruce concludes his “left of boom” guidance by defining “right of boom” as the things you will do to recover after an event and how important it is to be prepared with disaster recovery planning (DRP), business continuity planning (BCP) and continuity of operations planning (COOP).

I hope you will find these resources useful as you respond to this call for action from the president.

This guest blog is part of a Channel Futures sponsorship.
