The Cybersecurity and Infrastructure Security Agency (CISA) has collected and published a list of free cybersecurity services and tools to help organisations of all sizes reduce their cybersecurity risk. The webpage was published to be the front door of starting point for a one-stop-shop for free services tools from CISA, the open-source community and private- and public-sector organisations including Joint Cyber Defence Collaborative partners.
The initial list includes services and tools from CISA, open-source community, and private and public sector organisations across the cybersecurity community including Joint Cyber Defense Collaborative (JCDC) partners. The list is organised to align with CISA’s recent advisory on:
- Reducing the likelihood of a damaging cyber incident, including by preventing devices from connecting to malicious sites and scanning for security weaknesses and vulnerabilities. Validate that all remote access to the organisation’s network and privileged or administrative access
requires multi-factor authentication. Confirm that the organisation’s IT personnel have disabled all ports and protocols that are not essential for business purposes.
- Detecting malicious activity quickly, including by deploying network intrusion detection and prevention, undertaking penetration testing, and improving endpoint detections. Ensure that cybersecurity/IT personnel are focused on identifying and quickly assessing any unexpected or unusual network behaviour. Enable logging to better investigate issues or events. If the organisation is using cloud services, ensure that IT personnel have reviewed and implemented strong controls outlined in CISA’s guidance.
- Responding effectively to confirmed incidents, including through collection and analysis of malware and other artefacts. Designate a crisis-response team with main points of contact for a suspected cybersecurity incident and roles/responsibilities within the organisation, including technology, communications, legal and business continuity. Assure availability of key personnel; identify means to provide surge support for responding to an incident.
- Maximising resilience, including by automating system backups and enhancing threat modelling. Test backup procedures to ensure that critical data can be rapidly restored if the organisation is impacted by ransomware or a destructive cyberattack; ensure that backups are isolated from network connections.
CISA also includes the foundational measures that it says are key to implementing a strong cybersecurity program: fixing known software flaws, implementing multifactor authentication, eliminating bad practices, signing up for CISA’s automated cyber hygiene vulnerability scanning and removing connected devices from internet-of-things search engines via Get Your S.O.S.
Many organisations, both public and private, are target-rich and resource-poor. The resources on this list will help such organisations improve their security posture, which is particularly critical in the current heightened threat environment. This initial catalogue will grow and mature as we include additional free tools from other partners
As reported by OpenGov Asia, with the continuing frequency, intensity, and adverse consequences of cyber-attacks, disruptions, hazards, and other threats to federal, state, and local governments, as well as private sector organisations, the United States needs trustworthy secure systems has never been more important to the long-term economic and national security interests. Engineering-based solutions are essential to managing the complexity, dynamicity, and interconnectedness of today’s systems.
National Institute of Standards and Technology (NIST) titled “Engineering Trustworthy Secure Systems”, addresses the engineering-driven perspective and actions necessary to develop more defensible and survivable systems, inclusive of the machine, physical, and human components that compose those systems and the capabilities and services delivered by those systems.
The need for trustworthy secure systems stems from the adverse effects associated with a diverse set of stakeholder needs that are driven by mission, business, and other objectives and concerns. The characteristics of these systems reflect a growth in the geographic size, number, and types of components and technologies that compose the systems; the complexity and dynamicity in the behaviours and outcomes of the systems; and the increased dependence that results in a range of consequences from major inconvenience to catastrophic loss due to adversity within the global operating environment.