Responding to the White House's Russian Cyber Threat Advisory
Less than 24 hours ago, the White House issued a warning that companies within the United States should take steps to protect themselves from potential Russian cyber attacks. As stated by the President, it would be “part of Russia’s playbook” to leverage cyber warfare in response to the unprecedented economic sanctions imposed by the United States and its allies around the world.
This warning is not just limited to major corporations, banking systems or critical infrastructure; but applies to any organization that conducts business online; maintains digitally controlled systems or relies on digital supply chains and cyber networks. One thing that we’ve learned from the rise in cyberattacks is that any company is at risk.
To help organizations prepare, CISA, NSA, and FBI have published cybersecurity advisories that set out protections the private sector can deploy to improve security. CISA continues to update its “Shields Up” initiative with new guidance, as well as a reporting tool and hotline for anyone who experiences a malicious cyber incident.
Along with yesterday's statement, the White House also released a fact sheet of eight concrete steps organizations should undertake now, and another five on how tech companies should improve security around product development.
The recommended immediate steps that all organizations should incorporate into their cyber program include:
Many of the recommendations are our bread and butter. Every day we help organizations practice responding to incidents before they face them in reality. This includes training against the TTPs of known Russian APT groups and developing automated attack scenarios that leverage real threat intelligence for intrusion detection.
SimSpace's professional services team offers stack optimization, which can help organizations identify the right tools for their stack, tune their configurations, and validate their settings for the specific deployment environments and industries. Additionally, the SimSpace Cyber Force Platform helps security teams to better prioritize patches while testing their safety and effectiveness against realistic threats before pushing to production.
Lastly, our threat-informed content team is regularly creating training modules to help security teams defend against specific vulnerabilities and exploits. From the recent Dirty Pipe exploits to the resurgence of PrintNightmare, Log4J, ProxyLogon, Zerologon and CurveBall our teams are developing and reinforcing content modules to ensure your teams are ready to face the evolving threat landscape.
Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technologies, put it best when she said, “This is about us — the work we need to do to lock our digital doors and to put the country in the best defensive position.”
For more information about how SimSpace can help your organization prepare for advanced cyber threats, contact us at firstname.lastname@example.org.
Take the next step toward continuous security improvement
With SimSpace, you can assess
and optimize your complete
security posture — all in one platform