CISA Insight on Increased Geopolitical Tensions and Threats

[Brian Kelly <bkelly () EDUCAUSE EDU>]

I’ve attached the recent CISA Insight on Increased Geopolitical Tensions and Threats, it provides a great overview of 
actions for both cybersecurity and physical protection readiness.

Things to do Today -
1. Prepare your organization for rapid response by adopting a state of heightened awareness — This ranges from 
reviewing your security and emergency preparedness plans, consuming relevant threat intelligence, minimizing coverage 
gaps in personnel availability, and making sure your emergency call tree is up to date.

2. Increase organizational vigilance — Ensure your security personnel are monitoring key internal security capabilities 
and that they know how to identify anomalous behavior. Assess your access control protocols. Flag any known Iranian 
indicators of compromise and tactics, techniques, and procedures for immediate response.

3. Confirm reporting processes — Ensure your personnel know how and when to report an incident. The well-being of your 
workforce and cyber infrastructure depends on awareness of threat activity. Consider reporting your cyber incidents to 
CISA as part of an early warning system<https://www.us-cert.gov/report>.

4. Exercise your incident response plan — Ensure your personnel are familiar with the key steps they need to take 
during an incident. Do they have the accesses they need? Do they know the processes? Are your various data sources 
logging as expected? Make sure personnel are positioned to act in a measured, calm, and unified manner.

5. Confirm offline backup — Ensure you have an offline backup of information critical to operations

Our Information Security Guide is a great resource - 
https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program/resources/information-security-guide

Helpful Incident Response and Ransomware Playbooks developed by the National Student Clearinghouse are available at - 
https://library.educause.edu/resources/2019/10/national-student-clearinghouse-playbooks

Brian

Brian Kelly, CISSP, CISM, CEH
Director, Cybersecurity Program

EDUCAUSE
Uncommon Thinking for the Common Good
Follow HEISC on 
LinkedIn<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fshowcase%2Fhigher-education-information-security-council-heisc-%2F&data=02%7C01%7C%7C7197d41189e4414981ae08d69dc9670a%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C636869885680898966&sdata=%2FYvU%2BLTYHbPmcyL1AoksiKTSdMeFQ93qASFmTp8Emmo%3D&reserved=0>
 | Twitter: @HEISCouncil | bkelly () educause edu<mailto:bkelly () educause edu>

direct: 720.406.6757 | mobile 475.449.6440 | educause.edu<http://www.educause.edu/>
1150 18th Street, NW, Suite 900 Washington, DC 20036




**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Attachment: CISA-Insights-Increased-Geopolitical-Tensions-and-Threats-S508C.pdf
Description: CISA-Insights-Increased-Geopolitical-Tensions-and-Threats-S508C.pdf