2021 was truly an eventful year for cybersecurity, from start to finish. We saw all the same issues we saw in 2020 and before; Ransomware, Supply Chain Attacks, DDoS, Defacements, just to name a few.
Through it all, we at Milton, along with many others in the Cybersecurity / Infosec industry keep repeating the same basic things, like a mantra, to everyone and anyone who would listen. There are some very basic things that can be done to help to mitigate a number of these issues. Now, mitigation does not mean complete protection, it means it raises the barrier, increases the level of protection from what you currently have, using some very basic tools already at your disposal.
In 2018, I penned a blog post titled Happy New Year, Same as the Old Year where I walked through the song “Once In A Lifetime” by the Talking Heads and correlated it to, well, exactly the same point as this post. So rather than repeating myself, let’s make this super simple.
Here are 10 things that you should start working on right now to make 2022 a better year:
- MFA for everything that is accessible from the outside at a minimum
- Its 2022, drop NTLM v1 for goodness sake
- Stop leaving RDP open to the world (with or without MFA)
- Harden your AD Infrastructure
- Collect logs from all systems (We can help with that)
- Review logs on an ongoing basis closely. (We can help with that, too)
- Threat hunt in your logs (You guessed it – We can help with that!)
- Review your perimeter/Firewall settings
- Review account permissions across all systems, and users. Remember to use Least Privilege (Microsoft has been saying this since 2005)
- Immutable Backups of everything.
2022 is going to be a very interesting year. Have we learned the lessons of the past 20+ years and really strengthened our systems? Will organizations (yours?), especially governmental and SMBs, have the budget to do so? Doing these 10 items will cost time, money and personnel to some extent, but nowhere near the cost of a breach.
Happy New Year to you !