How Tenacity Helps Enforce CISA’s Guidance on Cloud Security Cyberattacks
Want to know how Tenacity stacks up against CISA's Russian cyberattack recommendations? Here are all the ways we've got you covered...plus other tips for keeping your cybersecurity efforts safe from malicious attacks.
Earlier this week, the White House announced that Russia may be exploring options for potential cyberattacks, due to the unprecedented economic sanctions imposed on the country in response to the conflict in Ukraine. Together with the United State’s Cybersecurity and Infrastructure Security Agency (CISA), they called out to private businesses and organizations to prepare for potential malicious cyber activity.
“Evolving intelligence indicates that the Russian Government is exploring options for potential cyberattacks. Every organization — large and small — must be prepared to respond to disruptive cyber incidents.” - CISA
They also released a collection of recommended actions for organizations (regardless of size) to keep themselves protected against cyberattacks. Today, we wanted to quickly walk through how Tenacity already helps with several of these recommended steps, so our current clients can understand how they are currently protected.
Not a current Tenacity user? Many of the reports and protection checks we mention below are immediately accessible within our free 14 day trial. We believe that all organizations should have clarity over the security of their environment — customer or not.
1. Reduce the likelihood of a damaging cyber intrusion
Before you start pulling out the big defenses, start by making sure the basics are covered, i.e. the windows are shut and the doors are locked. This includes things like making sure all access points into your organization’s network are set up with multi-factor authentication. Next, make sure that all your software is up to date (especially those that have known exploited vulnerabilities) and that all ports and protocols not being used are disabled.
As for your cloud services, utilize Tenacity to review any potential vulnerabilities that may live in your Compliance or Violations dashboards. Tenacity scans your cloud environment in real time to search for things like publicly accessible S3 buckets, expired ACM certificates, or underutilized IAM Password Reuse Policies — all while ranking each violation in terms of severity, and providing context so you know why each resource was flagged and how you can resolve it.
2. Take steps to quickly detect a potential intrusion
A comprehensive cybersecurity strategy should focus equally on foundational security and active security. Make sure you are putting in the time now to set the foundation of your cloud environment up for success, so that you are creating a clear, well organized infrastructure where abnormalities or untagged resources will become evident quickly. You can do this in Tenacity by tagging each of your resources in groups that are relevant to your business context and monitoring your untagged assets. You can also track any assets created or destroyed within specific time frames in our Asset Changes dashboard.
As for active security, make sure you are utilizing a SIEM tool like Blumira to monitor for unexpected or unusual network behavior. Pairing a SIEM with a Foundational Security tool like Tenacity will ensure that your monitoring alerts are even more effective, as they have a narrower set of things that they have to pay attention to in a securely-built cloud environment.
3. Ensure that the organization is prepared in the case of an intrusion or destructive cyber incident
Once your system is prepared, make sure to backup your data and store it so it is isolated from network connections. Lastly, a plan without testing is no plan at all, so make sure that the roles and responsibilities of your cybersecurity team are clearly defined, including the specific roles of each individual in the case of a cybersecurity attack. Conduct a test of manual controls to make sure that your organization’s critical functions remain operable if your network becomes compromised, and take the extra step to test your backup procedures so you can be certain that your data can be restored quickly if your organization is impacted.
Tenacity’s cloud audit can help you be sure that your cloud environment is compliant with no failing checks, and that you have no resources within your environment that are misconfigured or could be potentially exploited by malicious cyberattacks.