Six concrete actions CISA recommends every U.S. business take immediately. No fluff, no jargon — just a checklist with direct links to free CISA resources. If you only do three things, do steps 1, 2, and 3.
⚠️
Elevated Threat Posture
CISA recommends all U.S. organizations adopt a heightened security posture. Nation-state actors and ransomware groups remain highly active against U.S. small businesses and supply chains.
Enable Multi-Factor Authentication on All Accounts
MFA prevents the vast majority of credential-based attacks. Enable on email, banking, remote access (VPN), and all cloud services. CISA calls MFA the single most effective security control any business can implement.
Apply all available patches — especially for internet-facing systems like firewalls, VPNs, and email servers. Check the CISA KEV catalog to see if your software has actively-exploited vulnerabilities outstanding.
Verify that backups exist, are current, are stored offline or offsite, and can actually be restored. Most ransomware victims discover their backups were also encrypted. Actually test a restoration — don't just assume it works.
Know what to do before an attack happens: who do you call, how do you isolate infected systems, do you have your cyber insurance carrier's number, who is your IT contact. Andrew can help you build a simple one-page plan at no cost.
Employees should only have access to what they need for their job. Removing admin rights from day-to-day accounts limits how far an attacker can move through your network if credentials are compromised.
CISA scans your internet-facing systems and sends you a plain-English vulnerability report — completely free for any U.S. organization. This is one of the most underutilized free security services available.
Major active threats CISA has issued guidance on. Small businesses serving these sectors should be especially attentive.
● Active
Salt Typhoon — U.S. Telecom Intrusions
CISA · December 2024 – Present
Chinese state-sponsored group Salt Typhoon compromised multiple U.S. telecommunications providers. CISA issued guidance for all organizations to strengthen communications security and assume potential call interception.
CISA and HHS issued joint guidance after a significant surge in ransomware attacks against U.S. healthcare. RansomHub, Akira, and North Korean state actors specifically target hospitals, clinics, and dental practices.
Volt Typhoon — Critical Infrastructure Pre-Positioning
CISA / NSA / FBI Joint Advisory · 2024 – Present
Chinese state actors have pre-positioned in U.S. critical infrastructure to enable disruption in a future conflict. Small vendors serving defense or energy sectors are specifically targeted as entry points.
Andrew comes to your business and walks through every one of these items with you — at no cost. The free assessment delivers a written report with specific recommendations for your setup.