CISA Warns “Every Organization” in U.S. to Assess + Respond to Cyber Risks

The Cybersecurity & Infrastructure Security Agency (CISA) recently issued another warning to “every organization” in the U.S. about cybersecurity risks during the ongoing escalation of tension between the U.S. and Russia over Ukraine.

According to the CISA Insights publication entitled “Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats,” “public and private entities in Ukraine have suffered a series of malicious cyber incidents, including website defacement and private sector reports of potentially destructive malware on their systems that could result in severe harm to critical functions.” CISA notes that destructive malware similar to NotPetya and WannaCry ransomware have been identified that could “cause significant widespread damage to critical infrastructure.”

CISA urges that “all organizations, regardless of sector or size, should immediately implement the steps outlined below.”

Those steps include specific items to “reduce the likelihood of a damaging cyber intrusion… quickly detect a potential intrusion…ensure that the organization is prepared to respond if an intrusion occurs…and maximize the organization’s resilience to a destructive cyber incident.”

The continued warnings from CISA are concerning and worth heeding.