In a notice crossing international borders, the US’ Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and their counterparts in the UK, Australia, and New Zealand published an advisory which included cybersecurity best practices for information and communications technology, with a particular focus on enabling transparent discussion between managed service providers (MSPs) and their customers.
The advisory provides several action items for MSPs to execute as a means of reducing the risk of becoming the target of a successful cyberattack. MSP customers should also verify that their contracts specify that the MSP implements the advisory’s measures and controls. These include:
- Prevent initial compromise by implementing mitigations against common initial compromise attack methods: vulnerable devices, internet-facing services, brute force and password spraying, and phishing.
- Enable monitoring and logging, including storage of the most important logs for at least six months, and implement endpoint detection and network defense monitoring capabilities in addition to using application “allowlisting” and “denylisting.”
- Secure remote access applications and enforce multifactor authentication (MFA) where possible to harden the infrastructure that enables access to networks and systems.
- Develop and exercise incident response and recovery plans, which should include roles and responsibilities for all organizational stakeholders, including executives, technical leads, and procurement officers.
- Understand and proactively manage supply chain risk across security, legal, and procurement groups, using risk assessments to identify and prioritize the allocation of resources.
Of the release, CISA Director Jen Easterly says, “Malicious cyber actors continue to target managed service providers, which can significantly increase downstream risk to the businesses and organizations they support. Securing MSPs is critical to our collective cyber defense, and CISA and our interagency and international partners are committed to hardening their security and improving the resilience of our global supply chain.”
The mid-May 2022 advisory comes on the heels of continued concerns about bad actors both stateside and abroad, particularly against the backdrop of Russia’s aggression in Ukraine, the potential for hostilities in cyberspace, and the threats to critical infrastructure these bring with them. Additionally, the knowledge that the average American small business is ill-prepared for a cyberattack means that MSPs should be even more prepared to help their clients reinforce their cybersecurity architecture.
Innovative Integration, Inc., Your Managed Service Provider
As managed service providers, the team at Innovative Integration is entirely committed to meeting and exceeding all government regulations and requirements. We take cybersecurity seriously and we do everything we can to safeguard your organization from the threats it faces every day. So, if you have questions about this recent advisory or if you need guidance about developing a more complete cybersecurity infrastructure, please don’t hesitate to contact Innovative; our team is ready to help you.