In addition to our standard election protocols, which include active monitoring for cybersecurity and performance, we are implementing cybersecurity measures specifically designed to enhance data protection and operational continuity. The following comprehensive cybersecurity checklist highlights the proactive measures we’re taking on our clients’ behalf to further secure our solutions.
Endpoint Protection & MDR
✓ Q4 endpoint health check
✓ Q4 audit and verify all servers have clients installed
✓ Q4 audit and verify all agents are correctly reporting into the console
✓ Clean up agents from cloned services
Web Application Firewall & Web Proxy
✓ Complete pre-election health check with election engineer
✓ Update WAF Signatures – Coordinate with Application Teams
✓ Update WAF Definitions – Coordinate with Application Teams
Security Awareness
✓ SEP Training and awareness campaign
✓ SEP Cyber newsletter
✓ OCT Training and Awareness
✓ OCT Cyber newsletter
✓ Security Table Tops
Managed Service and 24x7x365 SOC
✓ Identify critical systems and expected system communications, and build event exclusion and event priority election day escalation processes with security partners
Civix Managed Systems
✓ Audit device categories that are not reporting or are not compliant and remove systems no longer in service
✓ Build unique ASP/WSL groups to better control exclusion groups and not open companywide exceptions
✓ Validate managed firewalls for all Civix workforce member systems
✓ Validate forced management of Civix workforce member systems
✓ Clean IAM accounts no longer in use
Civix Workforce Member Device Enhancements
✓ Enable DLP policies for data governance
✓ Clean IR queue
✓ Manage the reported emails and phishing emails
✓ Clear and tune false positives
✓ Identify developers/admins running unsigned PowerShell scripts and triggering event alarms
✓ Update proactive threat hunting scripts with IOCs/TTPs from security researchers
DHS/CISA/FBI
✓ T/A module checks against Civix-tracked TTPs
✓ VulnMan reporting – Validating critical systems have patches for identified CVEs
Cloud Security
✓ For client systems that run in secure cloud environments, we have taken the necessary steps to update the systems and address vulnerability gaps.