The FBI has launched Operation Winter SHIELD outlining ten actions which organizations should implement to help protect themselves, society and the state against cyber-attacks and malicious intrusions.
The Securing Homeland Infrastructure by Enhancing Layered Defense (SHIELD) cyber resilience campaign details actions which organizations can take to help detect, confront, and dismantle cyber threats.
“Winter SHIELD provides industry with a practical roadmap to better secure information technology (IT) and operational technology (OT) environments, hardening the nation’s digital infrastructure and reducing the attack surface,” the FBI said in an announcement on January 28.
“Our goal is simple: to move the needle on resilience across industry by helping organizations understand where adversaries are focused and what concrete steps they can take now (and build toward in the future) to make exploitation harder,” the agency added.
The campaign is tied to the US National Cyber Strategy and the FBI Cyber Strategy and over ten weeks it will detail actions which organizations can take to defend industry, government and critical infrastructure from cyber-attacks. The ten recommendations are:
- Adopt phish-resistant authentication
- Implement a risk-based vulnerability management program
- Track and retire end-of-life technology on a defined schedule
- Manage third-party risk
- Protect security logs and preserve for an appropriate time period
- Maintain offline immutable backups and test restoration
- Identify, inventory and protect internet-facing systems and service
- Strengthen email authentication and malicious content protections
- Reduce administrator privileges
- Exercise your incident response plan with all stakeholders
The FBI said it developed the recommendations alongside domestic and international partners. In addition, it drew on recent investigations to reflect both cybercriminal and nation-state adversary behavior, and identified defensive gaps within organizations IT infrastructure.