Holiday Cyber Best Practices: CISA and FBI Guidance
With the holiday season ahead, past trends indicate that threat actors will take advantage of businesses and organizations at reduced staffing levels and individuals working remotely. This alert highlights actions that can be taken proactively to defend against possible ransomware, business email compromise, or other forms of cyber threats.
The Cybersecurity & Infrastructure Security Agency and the FBI strongly urge all entities–especially critical infrastructure partners–to examine their current cybersecurity posture and implement best practices and mitigations to manage the risk posed by cyber threats. Specifically, CISA and the FBI urge users and organizations to take the following actions to protect themselves from becoming the next victim:
- Identify business operations and technical security personnel for weekends and holidays that would be available to surge in the event of an incident or ransomware attack.
- Implement multi-factor authentication for remote access and administrative accounts.
- Mandate strong passwords or passphrases and ensure they are not reused across multiple accounts.
- If you use remote desktop protocol (RDP) or any other potentially risky service, ensure it is secure and monitored.
- Remind employees not to click on suspicious links and conduct exercises to raise awareness.
In addition to CISA and the FBI’s recommended actions, preparation including reviewing, practicing, and updating incident response plans, remote work plans, and backup contact trees can help to reduce the risk of business interruption.
The views and opinions expressed in the article represent the view of the author and not necessarily the official view of Clark Hill PLC. Nothing in this article constitutes professional legal advice nor is intended to be a substitute for professional legal advice.
Clark Hill Mexico City Grand Opening Reception
Celebrate our new Mexico City Office with a reception and educational event.
We will toast our new office space and location with a cocktails and small bites with Mexico and US-based colleagues and friends.
SECURE Act 2.0 Has Arrived
On December 29, 2022, President Biden signed the SECURE 2.0 Act of 2022.
Join us as we discuss these changes and what they may mean for employers.