Managing a Breach? Don’t Miss CISA’s Va …

You’re in the middle of mitigating a breach, and your IT department can feel like you’re out on an island alone, but with a variety of resources available for free from the Department of Homeland Security Cybersecurity Infrastructure Security Agency, there’s no reason to go it alone, according to Cybersecurity Advisor George Reeves.

Reeves joined the Texas Virtual Cybersecurity Summit, held on April 7 and 8, offering IT professionals from throughout the region a variety of resources to help prepare for and handle a breach. After all, groups like Hafnium (who were behind the Microsoft Exchange hack) and other bad actors are becoming more active than ever.

Recent events have been a continuous reminder as to why it’s so important to stay informed on all the existing cybersecurity threats. From SolarWinds to Microsoft Exchange, more organizations than ever have been tested this year, Reeves said.

“Our job is to help you recover, help you restore and maintain your critical services,” said Reeves.

With CISA’s help, organizations have the tools to navigate these challenges. For organizations looking to assess their current security vulnerabilities, or needing help with specific issues such as the Microsoft Exchange vulnerabilities, one vital place to look is on CISA’s website, which is filled with free (taxpayer funded) tools, assessments, tests, and other resources that will help build your complete cybersecurity infrastructure.

All tools are available through CISA here, including ways to work through the SolarWinds supply chain compromise and the Microsoft Exchange on-prem vulnerabilities.

CISA has released an overview on MITRE ATT&CK, as well as a command-line tool to help with detection of vulnerabilities called CHIRP (CISA Hunt and Incident Response Program), that goes through your environment to see if there are any hits. It is also useful to check out the Malware Analysis Reports, including details on the China Chopper Webshell, according to Reeves.

They’ve also just released the Aviary Dashboard, a companion resource to the Sparrow detection tool. It’s a dashboard that allows you to take down information and visualize current threats, Reeves said.

CISA works hard to develop tools and raise awareness of the current and imminent threats, including Automated Indicator Sharing (AIS) and the Multi-State Information Sharing & Analysis Center. AIS is a threat-sharing platform, collaboratively from across the country, while the MS-ISAC is a vital tool for the public sector – DHS-CISA supplements this. It’s a free program that allows for you to mediate and mitigate with the guidance of the experience of others who may have already seen this, Reeves said.