BitsnBytes Fall2023

Bits & bytes Fall 2023 11 Recommendations The successful exploitation of Cisco software vulnerability could lead to unauthorized VPN sessions and ransomware installations. To safeguard against potential threats, follow these NJCCIC recommendations: Stay vigilant and follow the provided recommendations to mitigate risk. Regularly check updates from CISCO regarding a permanent solution to this issue. To read the original article, click the button below. Apply workarounds provided by CISCO. Use multi-factor authentication for system access. Enhance network security. Once available, apply patches and workarounds provided by CISCO to vulnerable systems after testing. Limit access to file sharing and unnecessary services, as well as remote access to computers. Remove or deny access to unnecessary and potentially vulnerable software. Apply the Principle of Least Privilege (POLP) to all systems and services to ensure that only authorized users have the permissions to execute jobs within certain systems, applications, data, and other assets. 01 05 03 02 06 07 04 Isolate crucial elements: Set up separate network sections to keep important systems, functions, and resources apart. Segmentations: Use both physical and logical separation to stop access to sensitive systems and information. Create a Demilitarized Zone (DMZ) for Internet-Facing Services: Establish DMZ’s to confine internet-facing services to prevent direct exposure to internal networks. Cloud isolation: Set up distinct Virtual Private Cloud (VPC) instances to keep critical cloud systems separate and secure. Gerry Blass President & CEO, ComplyAssistant 800-609-3414 Ext 700 www.complyassistant.com Mike Underwood Director, Integrated Marketing, Communications and Brand Strategy 609-759-5096 munderwood@ixpcorp.com www.ixpcorp.com NJCCIC