Here are the 8 tips I copied from Rapid7 for "emergency field security" that any defender can apply immediately.
Given the urgency, many information security teams find themselves scrambling to prioritize mitigation actions and protect their networks. Some may not have time to make their networks less flat, patch all the vulnerabilities, set up a backup plan, encrypt all the data at rest, and practice incident response scenarios before disaster strikes.
Essential security helps identify the urgent steps to take right now.
- Start prioritizing patches with CISA's KEV.
- Keep an eye on egress.
- Review Active Directory (AD) groups.
- Don't laugh off LOL.
- Don't push it.
- Stick to the script.
- Call for backup.
- Practice good posture.