In this time of heightened risk due to the war in Ukraine, the U.S. Cybersecurity and Infrastructure Security Agency is urging organizations to share information about cyber incidents in order to increase collective resilience in the face of global cyberthreats.

Sharing information about cyber incidents allows the CISA to fill critical information gaps, rapidly deploy resources and render assistance to victims, analyze incoming information from across sectors to spot trends, and quickly share that information with network defenders to warn other potential victims.

To facilitate the information-sharing process, the CISA developed a Cyber Event Information Sharing Fact Sheet, which provides stakeholders with clear guidance about what to share, who should share, and how to share information about unusual cyber incidents or activity.

The CISA is also encouraging organizations to use the wealth of resources on its Shields Up webpage, including technical guidance for network defenders, and free tools and services.

On March 21, the White House announced that there “is now evolving intelligence that Russia may be exploring options for potential cyberattacks” against the United States in response to economic sanctions resulting from Russia’s invasion of Ukraine.

The White House urged organizations to implement a range of prevention strategies, such as using multi-factor authentication, backing up data and ensuring offline backups, running exercises and emergency plans, encrypting data and training employees.

Organizations were also advised to engage proactively with their local FBI field office or CISA regional office to establish relationships in advance of any cyber incidents.

In addition to the Shields Up webpage, the CISA is urging state and municipal officials to make use of several resources it provides:

• A cybersecurity advisory issued jointly by the CISA, the FBI and the National Security Agency on Jan. 11 describing the tactics, techniques and procedures frequently associated with Russian state-sponsored cyberattacks

• A CISA list of of cybersecurity measures to reduce the likelihood and impact of a cyberattack

• A Russia Cyber Threat Overview and Advisories webpage, with the CISA’s advisories about Russian state-sponsored threats

• A new catalog of free cybersecurity resources from CISA, the open-source community, and CISA’s private sector partners in the Joint Cyber Defense Collaborative

• A CISA Insights document, “Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure,” focusing on misinformation and disinformation campaigns used to sow public distrust and undermine security

CISA can offer help to organizations that have experienced cyber incidents and can use information from incident reports to protect other possible victims.

+
+