Educause Security Discussion mailing list archives
CISA Insight on Increased Geopolitical Tensions and Threats
From: Brian Kelly <bkelly () EDUCAUSE EDU>
Date: Wed, 8 Jan 2020 13:49:28 +0000
I’ve attached the recent CISA Insight on Increased Geopolitical Tensions and Threats, it provides a great overview of actions for both cybersecurity and physical protection readiness. Things to do Today - 1. Prepare your organization for rapid response by adopting a state of heightened awareness — This ranges from reviewing your security and emergency preparedness plans, consuming relevant threat intelligence, minimizing coverage gaps in personnel availability, and making sure your emergency call tree is up to date. 2. Increase organizational vigilance — Ensure your security personnel are monitoring key internal security capabilities and that they know how to identify anomalous behavior. Assess your access control protocols. Flag any known Iranian indicators of compromise and tactics, techniques, and procedures for immediate response. 3. Confirm reporting processes — Ensure your personnel know how and when to report an incident. The well-being of your workforce and cyber infrastructure depends on awareness of threat activity. Consider reporting your cyber incidents to CISA as part of an early warning system<https://www.us-cert.gov/report>. 4. Exercise your incident response plan — Ensure your personnel are familiar with the key steps they need to take during an incident. Do they have the accesses they need? Do they know the processes? Are your various data sources logging as expected? Make sure personnel are positioned to act in a measured, calm, and unified manner. 5. Confirm offline backup — Ensure you have an offline backup of information critical to operations Our Information Security Guide is a great resource - https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program/resources/information-security-guide Helpful Incident Response and Ransomware Playbooks developed by the National Student Clearinghouse are available at - https://library.educause.edu/resources/2019/10/national-student-clearinghouse-playbooks Brian Brian Kelly, CISSP, CISM, CEH Director, Cybersecurity Program EDUCAUSE Uncommon Thinking for the Common Good Follow HEISC on LinkedIn<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fshowcase%2Fhigher-education-information-security-council-heisc-%2F&data=02%7C01%7C%7C7197d41189e4414981ae08d69dc9670a%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C636869885680898966&sdata=%2FYvU%2BLTYHbPmcyL1AoksiKTSdMeFQ93qASFmTp8Emmo%3D&reserved=0> | Twitter: @HEISCouncil | bkelly () educause edu<mailto:bkelly () educause edu> direct: 720.406.6757 | mobile 475.449.6440 | educause.edu<http://www.educause.edu/> 1150 18th Street, NW, Suite 900 Washington, DC 20036 ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Attachment:
CISA-Insights-Increased-Geopolitical-Tensions-and-Threats-S508C.pdf
Description: CISA-Insights-Increased-Geopolitical-Tensions-and-Threats-S508C.pdf
Current thread:
- CISA Insight on Increased Geopolitical Tensions and Threats Brian Kelly (Jan 08)