- Implement a defense-in-depth strategy using multiple layers of security controls, including firewalls, intrusion detection systems, anti-virus software, and EDR. Overlapping controls mean that a single failure or bypass does not leave the environment unprotected, which reduces risk and increases resiliency to cyber threats.
- Keep systems up to date and apply patches after appropriate testing.
- Enforce the principle of least privilege, use strong, unique passwords, and enable multi-factor authentication (MFA) for all accounts where available, choosing authentication apps or hardware tokens over SMS text-based codes.
- Ensure operational technology (OT) environments are segmented from information technology (IT) environments.
- Perform scheduled backups, keep an updated copy offline in a separate and secure location, and test restoration regularly.
- Conduct continuous monitoring and threat hunting. Ingest the indicators of compromise (IOCs) from the CheckPoint report into endpoint security solutions and build detections for the techniques it describes; prefer behavior-based detection over signature-only matching, since file hashes and infrastructure change between campaigns while the techniques persist.
- Report cyber incidents to the FBI's IC3 and the NJCCIC.
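The monitoring recommendation above combines two things: loading a published IOC list into detection tooling, and adding behavior rules so that a renamed binary or a new domain still trips an alert. The following is an added example, not code from the advisory or from the CheckPoint report; the IOC feed, the hash and network values, and the endpoint events are all constructed placeholders, and the feed format (`type value` per line) and the event field names are assumptions for illustration.

```python
"""Added example: ingest a constructed IOC feed and triage constructed endpoint
events with both signature (IOC) matching and behavior rules."""
import re

# Constructed IOC feed in a simple "type value" text format. These are
# placeholder values, NOT the indicators published in the CheckPoint report.
IOC_FEED = """
# type   value
sha256   d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592
domain   update-check.example
ipv4     203.0.113.17
"""

# Constructed endpoint events (assumed field names: parent, image, cmdline,
# sha256 of the image, and dest for the outbound network destination).
EVENTS = [
    {"host": "ws01", "parent": "explorer.exe", "image": "chrome.exe",
     "cmdline": "chrome.exe", "sha256": "b" * 64, "dest": "www.example.org"},
    # Office spawning hidden encoded PowerShell that calls a known-bad domain.
    {"host": "ws02", "parent": "winword.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -nop -w hidden -enc SQBFAFgA",
     "sha256": "c" * 64, "dest": "update-check.example"},
    # Same behavior, but new infrastructure: no IOC matches, only the rules fire.
    {"host": "ws03", "parent": "winword.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -nop -w hidden -enc SQBFAFgA",
     "sha256": "c" * 64, "dest": "198.51.100.9"},
    # Benign-looking process chain whose image hash and destination are IOCs.
    {"host": "ws04", "parent": "services.exe", "image": "svchost.exe",
     "cmdline": "svchost.exe -k netsvcs",
     "sha256": "d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592",
     "dest": "203.0.113.17"},
]

OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "cmd.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
ENCODED_FLAGS = {"-e", "-ec", "-enc", "-encodedcommand"}


def parse_ioc_feed(text):
    """Parse the feed into per-type sets, rejecting malformed hashes and unknown types."""
    iocs = {"sha256": set(), "domain": set(), "ipv4": set()}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        kind, value = line.split(None, 1)
        value = value.strip().lower()
        if kind not in iocs:
            raise ValueError(f"unknown indicator type: {kind}")
        if kind == "sha256" and not re.fullmatch(r"[0-9a-f]{64}", value):
            raise ValueError(f"malformed sha256 indicator: {value}")
        iocs[kind].add(value)
    return iocs


def signature_hits(event, iocs):
    """Exact IOC matches: image hash, destination domain, destination IPv4."""
    hits = []
    digest = event["sha256"].lower()
    if digest in iocs["sha256"]:
        hits.append("sha256:" + digest)
    dest = event["dest"].lower()
    if dest in iocs["domain"]:
        hits.append("domain:" + dest)
    if dest in iocs["ipv4"]:
        hits.append("ipv4:" + dest)
    return hits


def behavior_hits(event):
    """Behavior rules that do not depend on any hash or network indicator."""
    hits = []
    parent, image = event["parent"].lower(), event["image"].lower()
    if parent in OFFICE_APPS and image in SCRIPT_HOSTS:
        hits.append("office_spawns_script_host")
    tokens = event["cmdline"].lower().split()
    if image == "powershell.exe" and ENCODED_FLAGS & set(tokens) and "hidden" in tokens:
        hits.append("encoded_hidden_powershell")
    return hits


def triage(events, iocs):
    """Return one finding per event that triggers a signature or behavior hit."""
    findings = []
    for event in events:
        sig, beh = signature_hits(event, iocs), behavior_hits(event)
        if sig or beh:
            findings.append({"host": event["host"], "signature": sig, "behavior": beh})
    return findings


if __name__ == "__main__":
    for finding in triage(EVENTS, parse_ioc_feed(IOC_FEED)):
        print(finding)
```

Host ws03 is the case the recommendation is about: its hash and destination are absent from the feed, so signature matching alone would miss it, while the two behavior rules still fire. Host ws04 shows the converse, an IOC match on a process chain that no behavior rule would flag, which is why the advisory asks for both.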
