Five Best Practices for Cybersecurity


In June, Deputy National Security Advisor for Cyber and Emerging Technology, Anne Neuberger, issued a memo on behalf of the White House urging corporate executives and business leaders to take immediate steps to prepare for ransomware attacks. The memo warned that cybercriminals are shifting from stealing data to disrupting core operations. The memo incorporates five best practices recommended by the U.S. Government in President Biden’s Executive Order issued on May 12, 2021. They are as follows:

Back up data, system images and configurations. Regularly test them and keep backups offline. Ensuring that backups are regularly tested and not connected to the business network is critical, as many ransomware attacks attempt to encrypt or delete accessible backups. Storing backups offline allows an organization to restore its systems, even when networks are encrypted with ransomware.

Update and patch systems promptly. Include operating systems, applications and firmware in the timely updating of security patches. Consider a centralized patch management system and use a risk-based assessment strategy to drive patch management.

Test incident response plans. Testing is critical to identify security gaps. Run through core questions and use answers to build a response plan. Good questions to ask include: Can business operations be sustained without access to certain systems? For how long? Would manufacturing operations be turned off if business systems such as billing were offline?

Check security team work. Use a third-party pen tester to test the security of systems and the ability to defend against a sophisticated attack.

Segment networks. Ransomware attacks have shifted from stealing data to disrupting operations. It is critical to separate corporate business functions and manufacturing production operations. Filter and limit access to operational networks, identifying links between those networks and developing workarounds or manual controls to ensure networks can be isolated and continue to operate if the corporate network is compromised.

By no means is this meant to be a political post. Rather, the five best practices herein are recommended by top cybersecurity professionals. Moreover, local governments can adopt these best practices as well…and should. While your IT team is probably aware of these practices already, as a policymaker you will want to assure them that you are behind them 100% and adopt some effective policies and response plans. For more information on how you can prevent and respond to a ransomware attack, visit this CISA website.

About: Will Trevino

Will has over 10 years of experience working with municipal governments. He previously worked for the Fort Worth City Attorney’s Office for five years where he advised on election law, municipal procurement, Human Resource matters, the City’s Minority Business Enterprise Division, open meetings, public information, and prosecuted Class C misdemeanor violations of the Texas Penal Code, Texas Transportation Code and Fort Worth City Code. Will has drafted ordinances relating to sexually oriented businesses, zoning, subdivision, building code, special events, smoking regulations, franchise agreements, solicitation, and rights-of-way. Will has additional experience working in municipal government where he served for over 5 years in various roles, including chief of staff and district director, to several council members in Houston and Fort Worth. He is currently the City Attorney for the Cities of Clarksville, Whitney and Bartlett. Will is also involved in all aspects of municipal service to Messer, Fort & McDonald’s clients in Austin and Frisco, including municipal court prosecution. Above all, Will has a passion for advising clients on cybersecurity matters.