CISA’s Recommendations for HR Professionals

Posted by BAS - 05 September, 2024

header-picture

The Cybersecurity and Infrastructure Security Agency (CISA) plays an important role in safeguarding the nation's cyber infrastructure. CISA recommends that organizations of all sizes adopt a heightened cybersecurity posture to protect their most critical assets. Recognizing that many organizations may struggle to allocate resources for urgent security improvements, CISA has compiled a list of free cybersecurity services and tools available from government and industry partners. Visit CISA's website to learn more.

In particular, CISA recommends the following key actions to enhance cybersecurity:

  1. Reduce Cyber Intrusion Risks:
    • Ensure all remote and privileged access requires multi-factor authentication.
    • Keep software up to date, especially addressing vulnerabilities identified by CISA.
    • Disable any unnecessary ports and protocols to minimize attack surfaces.
    • If using cloud services, implement strong controls as per CISA’s guidance.
    • Enroll in CISA’s free cyber hygiene services, including vulnerability scanning.
  2. Detect Intrusions Early:
    • Focus on identifying unusual network behavior and enable comprehensive logging.
    • Protect the entire network with updated antivirus and antimalware software.
    • Monitor traffic from foreign organizations closely and review access controls.
  3. Prepare for Incident Response:
    • Designate a crisis-response team with clear roles and contact points.
    • Ensure key personnel are available, with plans for surge support if needed.
    • Conduct tabletop exercises to ensure readiness in case of an incident.
  4. Maximize Resilience:
    • Regularly test backup procedures to ensure data can be restored quickly.
    • For organizations using industrial control systems, test manual controls to maintain operations if the network is compromised.

By following these recommendations, HR professionals can help their organizations strengthen cybersecurity defenses and resilience. For further guidance, review CISA’s resources at www.StopRansomware.gov.


Benefit Allocation Systems (BAS) provides best-in-class, online solutions for: Employee Benefits Enrollment; COBRA; Flexible Spending Accounts (FSAs); Health Reimbursement Accounts (HRAs); Leave of Absence Premium Billing (LOA); Affordable Care Act Record Keeping, Compliance & IRS Reporting (ACA); Group Insurance Premium Billing; Property & Casualty Premium Billing; and Payroll Integration.

MyEnroll360 can Integrate with any insurance carrier for enrollment eligibility management (e.g., Blue Cross, Blue Shield, Aetna, United Health Care, Kaiser, CIGNA and many others), and integrate with any payroll system for enrollment deduction management (e.g., Workday, ADP, Paylocity, PayCor, UKG, and many others).

Topics: Company News, MyEnroll360 Security, Technology News, Cybersecurity


Recent Posts

Question of the Week - HRA Reimbursements

read more

Security Tips from the IRS

read more

CCS Commitment to COBRA

read more