2022 Resolution: Cybersecurity Verification
Due to heightened risk of cyber attack, the Cybersecurity and Infrastructure Security Agency (CISA) recently published a short checklist of urgent, near-term steps to reduce the likelihood and impact of a potentially damaging compromise. The recommendations include validating remote access to the organization’s network and confirming that all ports and services that are not essential for business purpose have been disabled. We invite every organization to not only review the list of controls but to also invest in independent verification of their correct implementation. Verified cybersecurity makes all the difference between catastrophic failure and operational resiliency. This is particularly true for OT networks where configuration changes can erode security controls such as network segmentation over time.