It comes as little surprise that cybersecurity has taken center stage for the business community as U.S. intelligence cautions that Russian-borne cyberattacks could increase in light of the country’s military conflict with Ukraine, which has entered its third week. The Cybersecurity & Infrastructure Security Agency issued a statement encouraging organizations to “take steps now to improve their cybersecurity and safeguard their critical assets.”
It was against this backdrop that Pearson-Kelly Technology of Springfield, Missouri—in conjunction with the Springfield Tech Council—hosted 75 small business executives and IT professionals from the city and surrounding communities for a cybersecurity presentation and Q&A.
The cybersecurity panel featured a pair of experts: Jay Ryerse, vice president of cybersecurity initiatives for ConnectWise and a 25-year veteran of the IT, security and cybersecurity sectors; and Tyler Stilley, CISSP, Pearson-Kelly Technology’s virtual chief information security officer (vCISO), who has spent the past 12 years in the technology industry, primarily in health care, where he helped craft cybersecurity solutions from scratch.
You can watch the video presentation below.
The panel also offered attendees a number of strategies and tactics that businesses can execute on in short order to augment their cybersecurity practices. A full assessment of a business’ current environment, as is always the case, will provide a better understanding of where an end-user stands to begin to craft a tailored solution and prioritize needs. Some simple steps businesses can take include:
- Verify software patches and updates are installed on all devices
- Enable multi-factor authentication (2FA)
- Change passwords for network devices and require 2FA
- Remove internet-facing management consoles
- Upgrade end of service software or hardware
- Document and train on the process for reporting suspicious activity
- Implement SIEM
- Test backups and take at least on version offline every month
- Review policies and procedures, especially incident response plans
- Perform a cybersecurity assessment
Hacker Flare-ups
Following Russia’s invasion of Ukraine, there were reports that groups partisan to each country may be bracing for a “Cyber World War” that may be triggered as sanctions against Russia by the United States and NATO continue to intensify. While there have been no documented attacks to date, the fear is that such groups may target critical infrastructures such as transportation, financial services, oil pipelines and power grids.
On March 1, the U.S. Senate passed the Strengthening American Cybersecurity Act. If it clears the House of Representatives, it would require companies to notify the government—namely Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) of potential attacks within 72 hours. The bill is facing opposition from other agencies, namely the FBI, for its lack of inclusion in the notification process.