Holiday Cyber Best Practices: CISA and FBI Guidance

Clark Hill PLC

With the holiday season ahead, past trends indicate that threat actors will take advantage of businesses and organizations at reduced staffing levels and individuals working remotely. This alert highlights actions that can be taken proactively to defend against possible ransomware, business email compromise, or other forms of cyber threats.

The Cybersecurity & Infrastructure Security Agency and the FBI strongly urge all entities–especially critical infrastructure partners–to examine their current cybersecurity posture and implement best practices and mitigations to manage the risk posed by cyber threats. Specifically, CISA and the FBI urge users and organizations to take the following actions to protect themselves from becoming the next victim:

  • Identify business operations and technical security personnel for weekends and holidays that would be available to surge in the event of an incident or ransomware attack.
  • Implement multi-factor authentication for remote access and administrative accounts.
  • Mandate strong passwords or passphrases and ensure they are not reused across multiple accounts.
  • If you use remote desktop protocol (RDP) or any other potentially risky service, ensure it is secure and monitored.
  • Remind employees not to click on suspicious links and conduct exercises to raise awareness.

In addition to CISA and the FBI’s recommended actions, preparation including reviewing, practicing, and updating incident response plans, remote work plans, and backup contact trees can help to reduce the risk of business interruption.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Clark Hill PLC | Attorney Advertising

Written by:

Clark Hill PLC

Clark Hill PLC on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.