Securing Your Organization
On this page:
IT Recommendations to Reduce Vulnerability
Helpful Resources
Critical Infrastructure Recommendations and Resources
IT Recommendations to Reduce Vulnerability
The following recommendations for IT professionals and providers can also reduce overall vulnerability:
-
Disable all unnecessary ports and protocols. Review network security device logs and determine whether to shut off unnecessary ports and protocols. Monitor common ports and protocols for command and control activity.
-
Enhance monitoring of network and email traffic. Review network signatures and indicators for focused operations activities, monitor for new phishing themes and adjust email blocking rules accordingly, and follow best practices of restricting attachments via email or other mechanisms.
-
Patch externally facing equipment. Focus on patching vulnerabilities that allow for remote code execution or denial of service on externally facing equipment.
-
Log and limit usage of PowerShell. Limit the usage of PowerShell to only users and accounts that need it, enable code signing of PowerShell scripts, and enable logging of all PowerShell commands.
-
Ensure backups are up to date and stored in an easily retrievable location that is air-gapped from the organizational network. If possible, ensure offline backups also exist that will allow you to restore critical business data in the event your routine backups are corrupted.
-
Communicate with your providers. Reach out to your third-party providers, such as your ISP, to ensure you have communication paths established in case you are the victim of a cyber event.
Helpful Resources
- The State of Texas Guide to Cybersecurity Incident Response
- The State of Texas Guide to Cybersecurity Resources
- Insights from the Cybersecurity and Infrastructure Security Agency
- Federal Ransomware Tip Sheet