The procedure should address all types of access including physical, remote, network, and device level access.

Manage Security Patches

Security patches provide protection against the never-ending flow of new threats. A good patch management plan combines policies, procedures, and qualified personnel in an effort to close security gaps without major disruption to the system. Best practices for patch management include:

Take Inventory: Make a list of the devices that will require periodic security updates. The list should include network devices such as routers, firewalls, and VPN concentrators, as well as application and operating system software. An annual report on data breaches, a subset of the overall security landscape, highlights the importance of system monitoring.

Use Trusted Sources
• Use vendor issued firmware updates, service packs, and hot fixes.
• Whenever possible, use patches with digital signatures. A digital signature validates a patch’s source and integrity.
• Stay up-to-date on newly released patches and vulnerability reports.

Develop a plan for installation. A patch installation plan should include the following:
o Use a method of prioritizing patches. Most patches are routine updates that can be implemented according to a schedule. Others require immediate action to close a critical gap in security.
o Pre-approved patch installation tools that provide change management and security audit features.
An Introduction to Cybersecurity 2016 | Page 23 | Version 1.0 – August 2016

o Procedures for vendor certification of patches, testing of patches prior to installation, and a staged installation process to minimize the risk of disruption from the change.
o The verification of digital signatures. Signed security patches should be verified just prior to installation to ensure that they have not been tampered with internally.

Develop a Backup and Recovery Plan

A backup and recovery plan should identify responsible parties, list the items to be backed up, and provide specifics such as backup intervals, locations, and number of versions to retain. Verify that recovery procedures work as expected.

Firewalls Require Special Attention

Firewalls must be properly managed by trained personnel to ensure continued system security. A firewall management plan should be developed to address the following requirements:
• Regular review of firewall configuration
• Strict change control measures
• Continuous monitoring of logs and relevant statistics

Conclusion

There are numerous resources available, in addition to this introductory guide, to assist PSAPs, 9-1-1 Authorities, and agencies involved with Emergency Communications in preparing for, mitigating, responding to, and recovering from cyber-attacks. Those resources include the NIST Cybersecurity Framework [6], The FCC Task Force on Optimal PSAP Architecture Cybersecurity report [16], and reporting and sharing mechanisms such as the Department of Justice IC3 portal.
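
The "verify just prior to installation" item in the patch installation plan above, shown as an added Go example that is not part of the original guide: the installer checks the vendor signature over the exact bytes it is about to apply, so a copy altered while sitting in internal staging is refused. The Ed25519 key pair generated in place stands in for a vendor's signing key, and `Patch`, `Install`, `Demo` and the sample file name are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Patch is a staged update: file bytes plus the vendor's detached signature.
type Patch struct {
	Name string
	Data []byte
	Sig  []byte
}

var ErrBadSignature = errors.New("signature check failed, not installed")

// Install verifies the signature over the exact bytes it is about to apply,
// immediately before applying them. vendorKey is the pinned vendor public key.
func Install(vendorKey ed25519.PublicKey, p Patch, apply func([]byte) error) error {
	// ed25519.Verify panics on a wrong-sized key, so check the length first.
	if len(vendorKey) != ed25519.PublicKeySize || !ed25519.Verify(vendorKey, p.Data, p.Sig) {
		return fmt.Errorf("%s: %w", p.Name, ErrBadSignature)
	}
	return apply(p.Data)
}

// Demo runs one clean and one altered patch through Install (constructed data).
func Demo() (clean, tampered error, applied int) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	data := []byte("constructed firmware image 1.0.1")
	p := Patch{Name: "router-fw.bin", Data: data, Sig: ed25519.Sign(priv, data)}
	apply := func([]byte) error { applied++; return nil } // hypothetical installer
	clean = Install(pub, p, apply)
	// Simulate a single flipped bit in the staged copy after it was approved.
	p.Data = append([]byte(nil), data...)
	p.Data[0] ^= 0x01
	tampered = Install(pub, p, apply)
	return clean, tampered, applied
}

func main() {
	clean, tampered, applied := Demo()
	fmt.Println("clean:", clean, "| tampered:", tampered, "| installs:", applied)
}
```

In a real deployment the public key would be obtained from the vendor out of band and stored where the staging area's users cannot replace it.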