Last week, the Cybersecurity and Infrastructure Security Agency (CISA) held a three-hour call with over 13,000 industry stakeholders to provide an update on potential Russian cyber-attacks against the U.S. This call was scheduled after President Biden announced evolving intelligence reports indicate the Russian government is exploring options to conduct potential cyber-attacks against the United States. CISA officials asked that organizations lower their threshold for reporting unusual network activity to federal agencies. Although legislation has been introduced to make this type of reporting a requirement for critical infrastructure organizations, it could take years for it to go into effect. Industry leaders voiced their frustration on the call, telling CISA officials both the FBI and CISA ask them to report network intrusions, and although the information should be shared between the two agencies, industry leaders feel communication has broken down between federal agencies, state authorities and local governments. Industry leaders also voiced frustrations over classified information, stating that some information regarding cyber threats cannot be disseminated due to its level of classification by federal agencies. CISA director Jen Easterly stated that they would work to get information out to the appropriate level and declassify information as quickly as possible. Frustrated individuals on the call also stated that CISA has limited resources and requested more cybersecurity services to help proactively look for weaknesses in an organization’s defenses. Director Easterly agreed with the industry leaders and assured them they are working to provide everything they can to critical infrastructure organizations.
When evaluating a Managed Detection & Response (MDR) service there are 5 critical components that