Cybersecurity Best Practices

Risk Management for COVID-19

CISA Insights - Risk Management for Novel Coronavirus (PDF|422.32KB) This information sheet provides insights for the physical, supply chain, and cybersecurity issues that may arise from the spread of Novel Coronavirus, or COVID-19, provided by the Cybersecurity and Infrastructure Security Agency

Cybersecurity is Everyone's Responsibility

All Texans need to remain vigilant and practice good cyber hygiene. The following are strong cyber practices everyone should consider:

  • Do not open suspicious or unexpected links or attachments in emails.
  • Hover over hyperlinks in emails to verify they are going to the anticipated site.
  • Be aware of malicious actors attempting to impersonate legitimate staff, and check the email sender name against the sender's email address.
  • Use unique strong passwords or pass-phrases for all accounts.
  • Do not provide personal or organizational information unless you are certain of the requestor's authority, identity, and legitimacy.
  • Alert your IT staff or supervisor if you have any concerns about the legitimacy of any email, attachment, or link.
  • Take advantage of available cybersecurity awareness training.

The following recommendations for IT professionals and providers can also reduce overall vulnerability:

  • Disable all unnecessary ports and protocols. Review network security device logs and determine whether to shut off unnecessary ports and protocols. Monitor common ports and protocols for command and control activity.
  • Enhance monitoring of network and email traffic. Review network signatures and indicators for focused operations activities, monitor for new phishing themes and adjust email rules accordingly, and follow best practices of restricting attachments via email or other mechanisms.  
  • Patch externally facing equipment. Focus on patching critical and high vulnerabilities that allow for remote code execution or denial of service on externally facing equipment.
  • Log and limit usage of PowerShell. Limit the usage of PowerShell to only users and accounts that need it, enable code signing of PowerShell scripts, and enable logging of all PowerShell commands.
  • Ensure backups are up to date and stored in an easily retrievable location that is air-gapped from the organizational network.

For more information and cybersecurity tips please see the attached guides below:

DIR Cybersecurity Resources

Managed Security Services

Managed Security Services (MSS) is an offering within DIR's Shared Services program, providing a cost-effective solution to state, local, municipal, and higher-education cybersecurity needs. MSS is composed of three (3) Service Components, each containing multiple services to choose from to meet your IT security needs:

  • Security Monitoring and Device Management
  • Incident Response
  • Risk and Compliance

Regarding incident management services, the MSS program provides 24x7 availability for incident response staff via an always available project bench of security subject matter experts, and MSS customers do not need to pay a retainer for incident management services, resulting in immediate cost-savings.

Completing an Inter-Agency or Inter-Local Contract now does not obligate you to purchase any services and can get an entity quicker response efforts if incident management services are needed.

Sign up for MSS Services

To begin the process of onboarding, please click on the Shared Technology Services Public Portal below.  Email DIRSharedServices@dir.texas.gov. If you have additional questions.

MSS Resources:

Shared Technology Services Public Portal

Everything You Need to Know about MSS Webinar (PDF Slides Only)

Managed Security Services Information

Shared Technology Services Program

 

SPECTRIM and SPECTRIM for Locals

The Statewide Portal for Enterprise Cybersecurity Threat, Risk, and Incident Management (SPECTRIM) portal provides tools for managing and reporting security incidents, conducting risk assessments, storing and managing organizational policies, performing assessment and authorization (A&A) on information systems, templates for agency security planning activities, and more. 

DIR has implemented a Governance, Risk, and Compliance software tool available to all state agencies, public institutions of higher education, and public junior colleges. Local government entities can purchase SPECTRIM for Locals through the MSS program at a steeply discounted rate.

SPECTRIM Webpage

 

Security Community Mail List

The Security List is a moderated distribution list that allows Texas government IT security personnel to share information and to collaborate with their peers via email.

Subscribe to Security list

Subscribers may use the list to:

  • Receive updates on current security alerts including alerts from MS-ISAC and US-CERT   
  • Receive notifications and alerts from DIR specific to state and local government entities
  • Receive DIR news and upcoming events such as training opportunities and webinars
  • Discuss technical issues   
  • Request referrals or opinions about IT security products and services

External Resources

National Institute of Standards and Technology (NIST) Cybersecurity Resources

Multi-State Sharing and Analysis Center (MS-ISAC) Center for Internet Security

FTC Identity Theft Recovery Plan

DHS Privacy Impact Assessments

SANS Information Security Policy Templates

 

Report an Incident/File a Complaint

Texas State Agencies, Institutions of Higher Education, and Community Colleges

Statewide Portal for Enterprise Cybersecurity Threat, Risk, & Incident Management (SPECTRIM)

General Reporting

Texas Department of Public Safety Computer Information Technology Electronic Crime Unit

Federal Trade Commission

US-Computer Emergency Response Team (US-CERT)

FBI Internet Crime Complaint Center (IC3)


Support and Inquiries

For additional information and tips for preventing cyber threats, contact DIRSecurity@dir.texas.gov.

For other media and other public information inquiries, visit our Contact DIR webpage.