The United States Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday called on critical infrastructure owners and operators to improve their security stance against malicious cyberattacks.
The agency urges executives and senior leaders to take steps to ensure that their organizations are prepared to respond to incidents through the implementation of cybersecurity best practices.
“Sophisticated threat actors, including nation-states and their proxies, have demonstrated capabilities to compromise networks and develop long-term persistence mechanisms. These actors have also demonstrated capability to leverage this access for targeted operations against critical infrastructure with potential to disrupt National Critical Functions,” CISA notes.
To improve their defenses, critical infrastructure organizations are advised to eliminate gaps in IT/OT security personnel coverage, and to prepare for rapid response through heightened awareness and well implemented incident response procedures.
Furthermore, organizations are advised to train their personnel on the steps to take during and after a cyberattack, to implement two-factor authentication and make sure systems and applications are kept updated, and to set a low threshold for threat and information sharing.
For entities with OT or industrial control systems (ICS) assets, CISA also recommends identifying critical processes and securing them, developing workarounds and manual controls to isolate critical processes if needed, and ensuring that backup procedures are implemented.
At the same time, CISA encourages organizations to implement their cyber incident response plan as soon as an attack is detected, and to immediately report the assault to CISA.
Related: CISA Expands ‘Must-Patch’ List With Log4j, FortiOS, Other Vulnerabilities
Related: CISA Releases Guidance on Securing Enterprise Mobile Devices
Related: CISA Releases Incident and Vulnerability Response Playbooks