- March 28, 2022
The UK’s security agency has told organizations of the steps to take to beef up their defenses “when the cyber threat is heightened” by zero-day software flaws or geopolitical tensions.
NCSC’s list includes:
Check your system patching: Ensure your users’ desktops, laptops and mobile devices are all patched
Verify access controls: Ask staff to ensure that their passwords are unique to your business systems and are not shared across other, non-business systems
Ensure defenses are working: Check antivirus and firewalls
Logging and monitoring: Understand what logging you have in place, where logs are stored, and for how long
Review your backups: Confirm that your backups are running correctly
Incident plan: Check your incident response plan is up to date
Check your internet footprint: Perform an external vulnerability scan of your whole internet footprint
Phishing response: Ensure that staff know how to report phishing emails
Third-party access: Have a comprehensive understanding of what level of privilege is extended into your systems, and to whom
NCSC services: Register for the Early Warning service, so that the NCSC can quickly inform you of any malicious activity
Brief your wider organisation: Ensure that other teams understand the situation and the heightened threat
https://www.zdnet.com/article/cybersecurity-11-steps-to-take-as-threat-levels-increase/