No-Cost Cyber-Defense Resources for Academia
By Brendan Montagne
From phishing campaigns to ransomware attacks, academia is often at the forefront of cyber threats. Yet many schools and colleges have limited resources to defend their systems and data. By joining the Multi-State Information Sharing and Analysis Center (MS-ISAC® ) State, Local, Tribal, and Territorial (SLTT) organizations, including public education institutions, you can build and grow a strong cyber defense program. The MS-ISAC, a division of the Center for Internet Security, Inc. (CIS® ), has been designated by the Department of Homeland Security, as its key resource for cyber threat detection, recovery, and response for SLTT entities.
Additionally, members of the MS-ISAC are given access to consensus-developed cybersecurity best practices from CIS® . Keep reading to learn how your organization can build a robust cybersecurity program with a little help from the MS-ISAC and CIS.
FIND YOUR SECURITY COMMUNITY
Building a cyber-defense program can be intimidating, but you don’t have to do it alone. An ISAC, or Information Sharing and Analysis Center, helps organizations collect and understand cyber threat intelligence. ISACs can help provide key cybersecurity services and information for defending your organization from attacks.
Let’s examine three services offered by the MS-ISAC that schools can leverage for cyber defense:
• Security Operations Center (SOC): A 24-hour facility with security experts that monitor for SLTT cyber threats and help affected entities recover. The SOC examines over 10,000 cyber alerts each month.
• IP & Domain Monitoring: The MS-ISAC collects information about out-of-date applications running on known SLTT domains & IPs. This can help you identify and update vulnerable programs.
• Computer Emergency Response Team (CERT): Provides SLTT governments with incident response, malware analysis, computer and network forensics, and malicious code analysis/mitigation.
BUILD A CYBER-DEFENSE BASELINE
Between different government regulations, industry standards, and security requirements, just knowing where to start can be daunting. CIS works with a global community of cybersecurity professionals and subject matter experts (SMEs) to identify, validate, and promote best practices. These prioritized security steps are called CIS Controls®. They are organized from foundational, essential security actions to more advanced cyberdefense techniques.
The latest version of the CIS Controls introduces Implementation Groups 1, 2, and 3. This additional categorization helps organizations with limited resources, like schools, prioritize their defensive actions. Implementation Group 1 forms the base level of security that all organizations should strive for as a minimum cyber hygiene standard. It includes actions like:
• Maintaining an inventory of devices and software
• Securely configuring applications, operating systems, and hardware
• Implementing secure firewall restrictions
The CIS Controls are also mapped to popular cybersecurity frameworks such as NIST (National Institute of Standards and Technology), PCI DSS (Payment Card Industry Data Security Standard), and FedRAMP (Federal Risk Authorization Management Program). Many organizations use the CIS Controls as an “on-ramp” to achieve compliance for additional security programs.
CONFIGURE SYSTEMS WITH CONFIDENCE
The CIS Controls community is one of many. In fact, CIS operates consensus development communities to help create configuration guidelines for over 140 technologies. These security settings for operating systems, applications, network devices, and more are called the CIS BenchmarksTM. They’re free to download for securing endpoints and cloud infrastructure.
Why focus on secure configurations? For starters, technology is built for convenience over security. This necessitates a review of all security settings. In addition to being a core component recommended by the CIS Controls, implementing a secure configuration standard can help defend against threats including:
• Privilege escalation
• Unauthorized access to systems, data, or network ports
SLTT government organizations, including U.S. public schools, are eligible for no-cost membership to the CIS SecureSuite® community, an exclusive benefit to the program. CIS SecureSuite Membership grants organizations access to tools and resources that automate the CIS Benchmark configuration review. Academic organizations using CIS SecureSuite Membership can take advantage of special benefits for securing and educating students. Over 2,000 organizations globally are part of CIS SecureSuite.
JOIN THE MS-ISAC
Several of our members have limited resources to dedicate to a cyberdefense program. Nevertheless, the threats are real. From the student who unknowingly uses a malware-infected USB at the library to cybercriminals seeking ransomware payments, public schools need to be on guard. By connecting with the MS-ISAC community, applying security best practices from CIS and using the tools included in CIS SecureSuite Membership, you are well on your way to improving the security of your academic institution.
Register for MS-ISAC membership or reach out to email@example.com to begin building your cybersecurity program!
 https://www.cisecurity.org/cis-benchmarks-webinar/?utm_ source=CETPA