This week the White House released a statement warning of potential cyber attacks. The statement was accompanied by a fact sheet outlining specific steps companies should take “with urgency” to “harden cyber defenses immediately.”
ScaleSec builds modern security programs with cloud customers. We offer this review of the White House Cybersecurity Statement to equip those who need answers and guidance immediately.
Many of our clients are already addressing the security steps outlined below. But many more start-ups and small-to-medium-sized businesses are facing these challenges with staff stretched thin, at a time when hiring is as difficult as it has ever been and technology is evolving faster and faster.
Major cloud providers include native security services and features that security administrators can use right away. Our team has pulled together a concise list of links to accelerate planning and implementation. We hope this encourages teams to further secure their cloud environments, and allows companies to stay as focused as possible on their businesses.
We urge companies to execute the following steps with urgency:
Azure AD: Azure AD Multi-Factor Authentication overview | Microsoft Docs
O365: Set up multifactor authentication for users - Microsoft 365 admin
AWS IAM: IAM tutorial: Permit users to manage their credentials and MFA settings
Google Cloud Identity and Google Workspace (G Suite): Enforce uniform MFA to company-owned resources | Cloud Identity
For a multifactor authentication device, we recommend hardware keys, which have been shown to greatly reduce phishing.
Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities.
Google: Using Security Health Analytics | Security Command Center | Google Cloud
AWS
Azure: Microsoft Defender for Cloud - CSPM & CWPP | Microsoft Azure
A password manager is useful here. Here are some:
Understand the role your provider plays:
Note: The AWS Security Incident Response Guide includes notes about simulations: Simulate - AWS Security Incident Response Guide
Note: CISA provides materials for tabletop exercises: CTEP Package Documents | CISA
Review your support plans and make sure the support and SLAs meet your business needs.
Anomaly detection in cloud:
Google: Using Event Threat Detection | Security Command Center | Google Cloud
AWS: Intelligent Threat Detection—Amazon GuardDuty–Amazon Web Services
We encourage technology and software companies to:
Start from the ground up by securing your cloud platform. Look for issues reported in the security dashboard for your cloud:
Manage access control and other policies centrally with these cloud services:
Google: Resource hierarchy | Resource Manager Documentation | Google Cloud
Azure: Overview of Azure Policy
Code security scanning services:
Google: Overview of Web Security Scanner | Security Command Center | Google Cloud
AWS: Amazon CodeGuru | Find Your Most Expensive Lines Of Code | AWS
Microsoft: About GitHub Advanced Security
OWASP maintains a list here: Vulnerability Scanning Tools | OWASP Foundation
In-line web security services:
Operating system vulnerability management:
Google: Container scanning | Container Analysis documentation | Google Cloud
AWS: Automated Vulnerability Management – Amazon Inspector – Amazon Web Services
Azure: Azure Automation Update Management overview | Microsoft Docs
Code provenance:
Google: Viewing build provenance | Cloud Build Documentation | Google Cloud
Google: Google Online Security Blog: Introducing SLSA, an End-to-End Framework for Supply Chain Integrity
Microsoft: Features · Security · GitHub
Get started with SBOM:
https://github.com/awesomeSBOM/awesome-sbom
Implement the security practices mandated in the President’s Executive Order, Improving our Nation’s Cybersecurity.
We wrote about this EO here: Executive order | ScaleSec