Actions to Prepare for an Attack
-
Keep everything up to date (anti-virus, security patches…)
-
Set up automatic backups of critical systems to use as restore files
-
Implement rigorous user authentication (multi-factor authentication, unique accounts and passwords, restricted privileges)
-
Restrict internet access
-
Separate process control system traffic from business traffic
-
Eliminate and/or restrict remote access
-
Assess vulnerabilities in all critical IT system