Four CISA milestones for better cybersecurity
The Cybersecurity and Infrastructure Security Agency continues its efforts to better cybersecurity infrastructure in the United States with a variety of tools, resources, and guides. Their most effective tool is education, providing material to individuals, technicians, network admins, and businesses to create a resilient cybersecurity posture. For 2023 and onward, CISA has announced four major milestones everyone should follow and strive to achieve.
These four goals are designed to be accessible to anyone with basic computer skills. For your convenience, we’ll break them down in this article with suggestions on how best to integrate them into your company’s IT architecture. Remember these goals are designed to be achievable regardless of budget or technical knowledge.
These goals are also part of CISA’s Cybersecurity Framework, which you can read in full here.
Four Major Goals and Considerations
Goal 1: Change Default Passwords and Establish Login Policies
An organization should deploy a policy that changes all default passwords from the manufacturer standard where relevant. Hardware devices like routers and servers will have default logins. These must be changed to resolve serious cybersecurity threats and flaws. Guessable passwords can be exploited by hackers to then gain full access into privileged network spaces.
CISA’s mission also states default logins must be changed before integrating new services into a network. That includes mobile devices, hardware, firmware, and software. Prompts for switching from default passwords should be a mandate within the enterprise before gaining access to network resources and features.
Inquire about default passwords with product vendors. Also, establish complex logins for critical resources to encourage resiliency.
Goal 2: Introduce Multifactor Authentication (MFA) for Phishing Resistance
Phishing remains a dangerous threat to even the most sophisticated networks and cybersecurity strategies. Social engineering has been a staple of hackers for years and that trend will continue. One of the most effective methods for thwarting phishing and social-engineering attacks is through multifactor authentication.
CISA recommends implementing MFA into your network. Public Key Infrastructure or FIDO tokens can create resilient layers. You can also use SMS or Short Message Service as a last resort if other resources are not available.
It is important to understand phishing schema and how they access user credentials. Educating staff on simple ways to recognize symptoms of phishing attacks can mitigate potential damage and a hacker’s ability to gain unauthorized network access.
Goal 3: Segmenting Accounts and Privileged Accounts
Network segmentation is an effective strategy to split resources in case of intrusion. The idea is that not all systems can access the same business or network resources. This mitigates damage in the case of attack. For example, if a customer service account is compromised, a segmented network means it can only access that layer of the network. While it’s possible some data loss and damage will occur, it will only affect that specific sector.
CISA recommends the same for privileged accounts. Hackers will forego long attack campaigns if they can easily steal the credentials of administrators or those with extensive network access. Instead, network administrators should layer permissions. Users should only have access to what is necessary for their work and responsibilities.
Goal 4: Creation of Incident Response Plans
Response plans are integral to modern cybersecurity posture. CISA’s fourth milestone for any enterprise network is to create and maintain response plans. They are designed to provide a guide during breach event scenarios. These scenarios should cover a variety of events, like malware/ransomware attacks, network downtime, phishing, scams, and network breaches (to cover a few). Response plans are in the same vein as BDR – backup disaster recovery. Just as you would with any emergency, treating cyber threats as a critical event is important.
Conducting assessments and risk exercises guarantees incident response plans are effective and can be practically deployed in a business network.
These milestones are essential to improving cybersecurity infrastructure. They’re designed to easily be achievable with enough time and training.
But, if you need additional assistance or want more information on best cybersecurity practices, consider reaching out for third-party assistance. Contact Bytagig today to learn how we can help you.
