(TLP:CLEAR) Operation Winter SHIELD – FBI’s Most Impactful Cyber Resilience Actions Organizations Can Take

Summary: Last week, the FBI released a new Cyber Resilience Campaign called “Operation Winter SHIELD,” which distills the FBI’s 10 most impactful actions organizations can take to improve resilience against cyber intrusions. These recommendations were developed with domestic and international partners to draw on recent investigations to reflect adversary behavior and defensive gaps.

Winter SHIELD provides industry with a practical roadmap to better secure information technology (IT) and operational technology (OT) environments, hardening the nation’s digital infrastructure and reducing the attack surface.

Analyst Note: WaterISAC encourages members to review the 10 actions and incorporate them into resiliency efforts as needed. The following ten actions are highly applicable to water and wastewater systems and can supplement the guidance that WaterISAC and industry and federal partners have been disseminating to the sector regarding OT security, emergency response, and cyber resilience planning.

The ten actions include:

• Adopt phish-resistant authentication
• Implement a risk-based vulnerability management program
• Track and retire end-of-life technology on a defined schedule
• Manage third-party risk
• Protect security logs and preserve for an appropriate time period
• Maintain offline immutable backups and test restoration
• Identify, inventory, and protect internet-facing systems and services
• Strengthen email authentication and malicious content protections
• Reduce administrator privileges
• Exercise your incident response plan with all stakeholders

Original Source: https://www.fbi.gov/file-repository/operation-winter-shield-slick-v8.pdf/view

Related WaterISAC PIRs: 12