Insights

Advanced Persistent Threats

Written by Ballast Services | Aug 4, 2021 4:00:00 AM

Our nation is at war! Advanced Persistent Threat (APT) Actors are targeting government agencies and businesses at an alarming rate. The attackers are focusing on agencies and companies that operate and service critical infrastructure (power, water, communications), supply chains (food, manufacturing), and technology service companies focused on keeping the US economy running. 

APT actors have the capability to lurk in systems for months at a time while stealing confidential information daily. When the actors are discovered or decide to take action, the victims (local, state, and national government entities and private industry businesses) are often shuttered for extended periods of time while the APT attackers demand millions of dollars in ransom payments.  

The frequency and criticality of the attacks are to the point where the US President recently enacted an Executive Order to improve the Nation’s Cyber Defense. Click here to read the Executive Order if you are not familiar with the directive. 

The order is specific to government agencies and private business entities along with their sub-contractors that serve the federal government, and the order will likely expand to all US states and additional businesses over time. The President’s Executive Order sets a serious tone, and the order is the catalyst for the development of new government agencies and mandatory standards for the government and businesses that conduct business with the government.  

In summary, the President’s Executive Order fosters better sharing of data between the government and private industry, requires the implementation of stronger security standards such as MFA and encryption, and sets standards for the development of software sold to the government. The President’s Executive Order also establishes a new government cybersecurity control board, requires a new standard cybersecurity response playbook, and forces improvements in investigation and remediation capabilities specific to logging data, alerting, and reporting cybersecurity incidents. 

The question you probably have is how does this impact you and what does your business need to do to prepare?  

(1) Plan to invest in your cybersecurity defense. If your business hasn’t properly invested in cybersecurity, you must start now. If you do business with the government or do business with a company that does business with the government, you will be immediately impacted. Business leaders should educate board members and executive leaders on the new government directive. Leaders must be knowledgeable and prepared to invest in the new standards quickly. 

(2) Engage with your partners and vendors.  Begin conversations with your business partners and vendors quickly about this new directive and make it clear that cybersecurity standards must be implemented and adhered to quickly to protect your business and adhere to new government standards.  It is also critical that all business partners and vendors step up and meet your requirements and the requirements of the government.  

(3) Get ready for changes in cybersecurity.  It is expected that the need to obtain cybersecurity insurance will likely become mandatory for all businesses.  Cybersecurity insurance providers will likely upgrade their requirements, so acquiring cybersecurity insurance may be more difficult. It will be tougher for your business to get insurance without having the proper process, technology, and cybersecurity controls in place. This will drive the need for more cybersecurity-related investments in your company’s operating budget. 

(4) Implement security improvements quickly! For businesses that have not invested in an internal cybersecurity team, it is recommended that they partner with a cybersecurity-focused company that will quickly identify your technology and compliance gaps and builds a plan to quickly improve your security posture.  Realize that no one or two people on your team can keep up with all the security changes and it is best to partner with a company focused on security best practices that can keep up with the changing threat landscape. Having the right partner will bolster your company’s capabilities and enable the implementation of best-practice security standards such as network segmentation, multi-factor authorization, data encryption, security patching, AI-based EDR, data back-ups, email filtering, threat monitoring, threat hunting, and employee security awareness training. 

(5) Proactively know your business risk. Businesses should invest in a proactive health check of their perimeter security, secure their cloud environment, and get control of their privileged accounts quickly. A security risk assessment focused on security best practices along with compliance for your specific industry is highly recommended. This will enable business leaders to prioritize their investment and focus on the remediation of critical risks and gaps in their cybersecurity. 

(6) Educate your employees and don’t stop teaching!  Employees are the first line of defense with cybersecurity, and it is important to communicate with your team consistently about cybersecurity best practices.  Employees must be consistently trained, and a formal cybersecurity awareness training program should be instilled. Focus on a methodical cybersecurity cultural change and realize improving security takes everyone’s focus. Train your team and help them realize that cybersecurity is not a one-time action but requires an ongoing change in mindset and processes for conducting business.   

(7) Make the investment. A top-notch cyber defense is affordable and is required in today’s world. It will soon be mandatory and a requirement to do business. The decision to not invest in cybersecurity will likely be a fatal decision for your business, so get started now! 

(8) Engage the Experts - There is no perfect solution to cybersecurity but implementing best practices will significantly decrease the risk of attack to your business. The government mandates include many best practices, but it is up to you and your business to ensure you have the technology, process, and expertise to properly secure your environment. Every business environment has unique things to consider. This is why engaging with industry experts that look across multiple environments with a focus on keeping up with the latest threats will be critical to the protection of your business going forward. 

If you have questions or need assistance, please reach out to the experts at Ballast Services for a complimentary consultation. We will work with you to clarify the new requirements and serve as a catalyst to consistently improve your cybersecurity posture! 

Modernize, Optimize, Stabilize, and Secure your organization today. Contact us at 813-568-9011, visit our website at https://ballastservices.com, or click on Get In Touch to speak with us today.