On Monday the White House once again raised an important warning on the potential for impending cyberattacks from Russia. With President Biden reiterating an earlier warning prompted by increased noise and probing within critical infrastructure sectors and industries that rely on industrial control systems, it’s important to take action now to double-down on security best practices, and to evaluate resilience in the face of evolving and potentially unknown risks and vulnerabilities.
What Should Critical Infrastructure Do?
Critical infrastructure organizations should be reviewing their security policies to identify and address areas that need more robust protection. They should also evaluate where stated policy needs implementation or enforcement, and ensure back ups are protected.
The Basics of Prevention
- Review and revise access controls
- Audit and enforce password policies
- Be on high alert for new phishing attempts
- Patch what you can
- Scan for vulnerabilities, internal and external
- Review third-party access to your people, processes, and technology
- Evaluate supply chain dependencies
- Plan ahead
As threats continue to be identified, the only way to detect their presence is to have visibility into your operations where detection can be built in as a tool for fortifying those prevention efforts, and for hunting within your operation when a novel threat is identified—either in your networks or reported from another company in your orbit. Consistently prioritizing the basics and maximizing the potential of network monitoring are key building blocks for resilience. Given the unprecedented nature of the conflict and threat landscape today, Nozomi Networks and our partners have created an easy-to-deploy offer for new and existing customers to strengthen their security and situational awareness.
Nozomi Networks and Our Partners’ Offering
There is a push for software tools and solutions to establish normal operating baselines and leverage intelligence from their operations in order to build alerts and playbooks to quickly remediate attacks. Products that combine actionable threat intelligence and vulnerability management can identify threats and quickly help reduce attack surfaces. Nozomi Networks, along with our vast global network of partners, is providing new customers free access to our virtual visibility and security solutions to monitor device vulnerabilities and network communications.
For existing customers, we will extend our asset intelligence and/or threat intelligence capabilities. For new customers, we will deploy either our Guardian or Vantage products via our partner ecosystem, along with asset intelligence and/or threat intelligence capabilities options as needed/requested. The free offer will initially last 30 days, and be extended as the situation requires. For those customers with partial deployments, we will work with you to accelerate the deployment or add any missing subscription services for the best level of protection for your business. Get in touch today to discuss your needs, and how quickly we can deploy and add value to your cybersecurity defenses.