Our Views:
Using Government-issued Cyber Security Advisories
Reliable threat intelligence and mitigation advice is a critical tool for all organisations looking to stay across the latest cyber threats in the landscape and take effective actions to protect their information systems and data. Government agencies use their access to elite technical capabilities and far-reaching networks to develop advisories and cybersecurity guidance papers and alert on important cybersecurity threats.
Threat intelligence covers both existing and emerging threats and includes detailed information on threat actors, TTP’s, and Indicators of Compromise that are specific to the threat described. Alerts are issued to provide timely information about the most relevant threats in the landscape and cybersecurity advisories also provide step by step guidance on how to identify a specific type of attack, and how best respond and recover from it. Additional information is also available in the form of information sheets, technical reports and research based white papers that support businesses to protect themselves against cyberthreats.
We recommend following reputable government-issued alerts and advisories for multiple purposes including:
- Incident Response Planning: The advice in government issued advisories that outlines how threats work, how the threats are typically applied and how to identify them can be used to craft effective playbooks and plans to respond in a cyber incident. Include this information in your playbooks and business continuity plans and ensure these are regularly updated in accordance with the latest advisories.
- Incident Response: If your business suffers an unforeseen cyber incident, the actions included in recent alerts and advisories should be used to pivot and guide your actions in all phases of your response lifecycle including identification, containment, and recovery.
- Proactive Threat Hunting: Businesses can search their networks for the specific IOC’s included in threat intelligence alerts and advisories helping to identify any potential threats and take actions to mitigate them before they have an impact.
- Cyber Security Improvement Planning: Threat advisories offer guidance around the general attack landscape that can be used to shape and guide the creation of your cybersecurity improvement plans by helping to identify gaps in defences and prioritise mitigations and improvement.
- Training and Awareness: External alerts and advisories can provide situational context for generating internal security advisories and cyber training and awareness content.
The cybersecurity landscape moves quickly, and organisations need to constantly monitor and review the issued alerts and advisories from agencies such as the following:
- National Cyber Security Centre
- CERT NZ
- CISA
- National Cyber Security Centre – UK
- Australian Cyber Security Centre
Keeping abreast of these advisories and taking the recommended steps above to incorporate the advice into your cybersecurity practice will assist in lifting cyber security posture and allow more effective response and recovery from cyber incidents.
About the Bulletin:
The NZ Incident Response Bulletin is a monthly high-level executive summary containing some of the most important news articles that have been published on Forensic and Cyber Security matters during the last month. Also included are articles written by Incident Response Solutions, covering topical matters. Each article contains a brief summary and if possible, includes a linked reference on the web for detailed information. The purpose of this resource is to assist Executives in keeping up to date from a high-level perspective with a sample of the latest Forensic and Cyber Security news.
To subscribe or to submit a contribution for an upcoming Bulletin, please either visit https://incidentresponse.co.nz/bulletin or send an email to bulletin@incidentresponse.co.nz with the subject line either “Subscribe”, “Unsubscribe”, or if you think there is something worth reporting, “Contribution”, along with the Webpage or URL in the contents. Access our Privacy Policy.
This Bulletin is prepared for general guidance and does not constitute formal advice. This information should not be relied on without obtaining specific formal advice. We do not make any representation as to the accuracy or completeness of the information contained within this Bulletin. Incident Response Solutions Limited does not accept any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, when relying on the information contained in this Bulletin or for any decision based on it.
Incident Response Solutions 