On December 13, 2020, the Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive for all federal civilian agencies to review their networks for indicators of compromise related to a breach involving SolarWinds Orion products.
Bogdan Salamakha, TCDI’s Senior Cybersecurity Engineer, filters out the noise to break down what happened and who was affected, and to provide recommendations that organizations can implement to protect their networks.
Sometimes it doesn’t matter how much technology you have at your disposal. If a hacker finds a weak link, you can bet they will attempt to exploit it. Here are recommendations to lower your risk and make it difficult for a malicious actor to gain a foothold in your network.
A configuration audit will review your application and/or device settings against industry best practices and applicable compliance regulations to identify security gaps that may exist.
Configuration audits can be performed on a variety of devices, applications, and platforms which may include:
Vendor risk management is critical. Hackers have a history of targeting vendors, such as Managed Service Providers (MSPs), and using that connection to infiltrate client networks. So what can you do?
Audit your vendors. When was the last time your vendor had a pen test? Do they have a business continuity plan in place? Does their security meet or exceed your own?
That last one is a big one. If they can't answer yes, then maybe it is time to consider a new vendor.
Cybersecurity professionals are in high demand and, as such, command high salaries. Thus, it is not always feasible to hire a full-time resource, especially for small to mid-sized businesses. That's where a Virtual CISO comes into play.
Organizations can engage a trusted advisor to act as their CISO on an as-needed basis. With access to a team of highly skilled experts, companies can gain:
For example, when an event such as SolarWinds makes headlines, you can reach out to your Virtual CISO to get advice on next steps. Does this impact your organization? What do you need to do right now? What are proactive steps to ensure your data is secure?