Request a demo

Less than 24 hours ago, the White House issued a warning that companies within the United States should take steps to protect themselves from potential Russian cyber attacks. As stated by the President, it would be “part of Russia’s playbook” to leverage cyber warfare in response to the unprecedented economic sanctions imposed by the United States and its allies around the world.

This warning is not just limited to major corporations, banking systems or critical infrastructure; but applies to any organization that conducts business online; maintains digitally controlled systems or relies on digital supply chains and cyber networks. One thing that we’ve learned from the rise in cyberattacks is that any company is at risk.

To help organizations prepare, CISA, NSA, and FBI have published cybersecurity advisories that set out protections the private sector can deploy to improve security. CISA continues to update its “Shields Up” initiative with new guidance, as well as a reporting tool and hotline for anyone who experiences a malicious cyber incident.

Along with yesterday's statement, the White House also released a fact sheet of eight concrete steps organizations should undertake now, and another five on how tech companies should improve security around product development.

The recommended immediate steps that all organizations should incorporate into their cyber program include:

  • Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system;
  • Deploy modern security tools on your computers and devices to continuously look for and mitigate threats;
  • Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors;
  • Back up your data and ensure you have offline backups beyond the reach of malicious actors;
  • Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack;
  • Encrypt your data so it cannot be used if it is stolen;
  • Educate your employees to common tactics that attackers will use over email or through websites, and encourage them to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly; and
  • Engage proactively with your local FBI field office or CISA Regional Office to establish relationships in advance of any cyber incidents. Please encourage your IT and Security leadership to visit the websites of CISA and the FBI where they will find technical information and other useful resources.

How SimSpace Helps

Many of the recommendations are our bread and butter. Every day we help organizations practice responding to incidents before they face them in reality. This includes training against the TTPs of known Russian APT groups and developing automated attack scenarios that leverage real threat intelligence for intrusion detection.

SimSpace's professional services team offers stack optimization, which can help organizations identify the right tools for their stack, tune their configurations, and validate their settings for the specific deployment environments and industries. Additionally, the SimSpace Cyber Force Platform helps security teams to better prioritize patches while testing their safety and effectiveness against realistic threats before pushing to production.

Lastly, our threat-informed content team is regularly creating training modules to help security teams defend against specific vulnerabilities and exploits. From the recent Dirty Pipe exploits to the resurgence of PrintNightmare, Log4J, ProxyLogon, Zerologon and CurveBall our teams are developing and reinforcing content modules to ensure your teams are ready to face the evolving threat landscape.

Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technologies, put it best when she said, “This is about us — the work we need to do to lock our digital doors and to put the country in the best defensive position.”

For more information about how SimSpace can help your organization prepare for advanced cyber threats, contact us at sales@simspace.com

Blog byChris Michaels
Chris Michaels
Chris Michaels
Chris Michaels is the Director of Communications and Brand at SimSpace. He brings over 25 years of high-tech marketing and public relations experience, having worked with many of the world's largest tech brands including Intel, HP, Microsoft, Bitdefender, ServiceNow, Kingston Technology and others.