infojet

for AVPros
(srchddg)

5 minute NWS/AWS/NOAA Airport Aviation Weather


(AVWthr1)


(AVWthr2)   (AVWthr3)  (AVWthr-METAR trend)



(Aviation -- METAR/TAF only)




FastAWS Links (Metars, Airmets, Sigmets, ProgCharts)

UTC/Zulu time





DuckDuck Go



NEWS,Recalls,IT-ALERTS


SECMKTS


RESOURCES



LINCDEC











DuckDuck Go











SpeedTest-Megapath



SpeedTest-Fast.com(netflix)



Google Internet Speed Test



Comcast Business Internet Speed Test



AT&T Internet Speed Test



Comcast Xfinity Internet Speed Test





AT&T Speed Tiers by service category (download/upload speeds)



Comcast/Xfinity Internet Speed Tiers by service category (download/upload speeds)







Start Options for USB/microSDHC computers



privacy policy
terms of use




Scan URL (urlscan.io)












(ttls)
25296













Commercial(webbot) TOP site visits by (.com,.net,.org) Domain Name(since JAN-1-2020)






as of 2021-04-16




sogou.com ,4163
googlebot.com ,1719
amazonaws.com ,1187
msn.com ,721
omnis.com ,605
googleusercontent.com ,357
cloudsystemnetworks.com ,173
tmodns.net ,128
pagething.com ,104
apple.com ,102
myvzw.com ,83
mycingular.net ,69
internet-census.org ,69
hwclouds-dns.com ,65
colocrossing.com ,61
vultr.com ,55
webnx.com ,36
h12-media.com ,35
google.com ,33
aspiegel.com ,27
kyivstar.net ,26
contaboserver.net ,24
ispsystem.net ,24
okitup.net ,24
dataprovider.com ,20
lipperhey.com ,19
onr.com ,17
duckduckgo.com ,16
007ac9.net ,15
linode.com ,14
dreamhost.com ,13
qwant.com ,12
sbcglobal.net ,11
sprious.com ,10
completel.net ,10
gthost.com ,10
secureserver.net ,9
quadranet.com ,9
rr.com ,9
jscriptsdev.com ,9
ip-167-114-175.net ,9
scaleway.com ,8
dnspure.com ,8
baidu.com ,8
directwebhost.org ,8
chinaunicom.com ,7
verizon.net ,7
datapacket.com ,7
spectrum.com ,7
secqin.com ,7
cdn77.com ,6
hostry.com ,6
onyphe.net ,6
nextconnex.net ,5
fbsv.net ,5
comdevelopment.com ,5
bluehost.com ,5
rima-tde.net ,5
totalplay.net ,5
ip-192-99-18.net ,5
netsystemsresearch.com ,5
jumpingroo.com ,4
scalabledns.com ,4
servebyte.com ,4
prcdn.net ,4
btcentralplus.com ,4
ColocationAmerica.com ,4
hostwindsdns.com ,4
web-hosting.com ,4
cargojet.com ,4
ip-144-217-190.net ,4
ip-51-79-111.net ,4
ovh.net ,4
inwitelecom.net ,3
ip-158-69-252.net ,3
puregig.net ,3
ip-167-114-124.net ,3
cantv.net ,3
wiredns.net ,3
zare.com ,3
domaincrawler.com ,3
clientshostname.com ,3
rootlayer.net ,3
rch003.net ,3
ip-167-114-172.net ,3
bitdefender.net ,2
coldhak.com ,2
cox.net ,2
mycdz.com ,2
skyeris.net ,2
ptklp.com ,2
websitewelcome.com ,2
example.com ,2
2com.net ,2
plus.net ,2
rederatural.com ,2
telia.com ,2
virginm.net ,2
ip-142-44-251.net ,2
startdedicated.com ,2
sonic.net ,2
hinet.net ,2
hostdime.com ,2
totinternet.net ,2
triolan.net ,2
ip-51-222-50.net ,2
hecombawatedly.com ,2
ip-142-44-138.net ,2
accesskenya.net ,2
ip-51-161-57.net ,2
Borealisbroadband.net ,2
uelockies.com ,2
ip-198-245-49.net ,2
prismwebnets.com ,2
ip-167-114-150.net ,2
cipherwave.net ,2
ip-51-79-116.net ,2
hidehost.net ,2
ip-167-114-90.net ,2
lagranfrancia.com ,2
glesys.net ,2
fasternetwork.com ,2
ip-51-222-43.net ,2
group-ib.com ,2
ip-51-222-151.net ,2
kpn.net ,2
contabo.net ,2
hargray.net ,1
ipvnow.com ,1
nephosdns.com ,1
rcncustomer.com ,1
serverhotell.net ,1
telkomsa.net ,1
superonline.net ,1
as13285.net ,1
avast.com ,1
ip-192-99-225.net ,1
cloudradium.com ,1
linuxpl.com ,1
rogers.com ,1
metronethn.com ,1
64m.org ,1
telecom-solution.com ,1
ip-192-95-29.net ,1
ip-66-70-203.net ,1
cloudedic.net ,1
xo.net ,1
luisgermano.com ,1
cavtel.net ,1
ip-142-4-195.net ,1
silverstar.com ,1
InterCable.net ,1
abilitybusinesscomputing.com ,1
sciencescores.com ,1
airtelkenya.com ,1
foundationapi.com ,1
i3d.net ,1
protedtmailsrv22.com ,1
edns1.com ,1
i-tera.com ,1
tangobacchus.com ,1
m247.com ,1
othush.com ,1
eu.org ,1
fex.net ,1
appliedprivacy.net ,1
dnsserverboot.com ,1
volia.net ,1
lockingall.com ,1
promocloud.net ,1
2i3.net ,1
dsci-net.com ,1
online.net ,1
opera-mini.net ,1
pldt.net ,1
ip-51-161-120.net ,1
h0sted.net ,1
torservers.net ,1
as42926.net ,1
dslextreme.com ,1
datection.net ,1
ricetell.com ,1
bhn.net ,1
tedata.net ,1
vuhuv.com ,1
free-face-sitting.com ,1
sitting.com ,1
royal-watches.com ,1
246.net ,1
serverastra.com ,1
azimut-r.net ,1
proxad.net ,1
svea.net ,1
mivocloud.com ,1
keff.org ,1
webhop.net ,1
no-reverse-dns-configured.com ,1
quintex.com ,1
qwest.net ,1
serveroffer.net ,1
cloudlinkd.com ,1
idknet.com ,1
turk.net ,1
windstream.net ,1
gtt.net ,1
aglyptrutivin.com ,1
myaisfibre.com ,1
cosmoyard.com ,1



(lines in domain name file)
10477





sogou.com ,4163 (39.7% of visits)
googlebot.com ,1719 (16.4% of visits)
amazonaws.com ,1187 (11.3% of visits)
msn.com ,721 (6.9% of visits)
omnis.com ,605 (5.8% of visits)
googleusercontent.com ,357 (3.4% of visits)
cloudsystemnetworks.com ,173 (1.7% of visits)
tmodns.net ,128 (1.2% of visits)
pagething.com ,104 (1% of visits)
apple.com ,102 (1% of visits)
myvzw.com ,83 (0.8% of visits)
mycingular.net ,69 (0.7% of visits)
internet-census.org ,69 (0.7% of visits)
hwclouds-dns.com ,65 (0.6% of visits)
colocrossing.com ,61 (0.6% of visits)
vultr.com ,55 (0.5% of visits)
webnx.com ,36 (0.3% of visits)
h12-media.com ,35 (0.3% of visits)
google.com ,33 (0.3% of visits)
aspiegel.com ,27 (0.3% of visits)
kyivstar.net ,26 (0.2% of visits)
contaboserver.net ,24 (0.2% of visits)
ispsystem.net ,24 (0.2% of visits)
okitup.net ,24 (0.2% of visits)
dataprovider.com ,20 (0.2% of visits)
lipperhey.com ,19 (0.2% of visits)
onr.com ,17 (0.2% of visits)
duckduckgo.com ,16 (0.2% of visits)
007ac9.net ,15 (0.1% of visits)
linode.com ,14 (0.1% of visits)
dreamhost.com ,13 (0.1% of visits)
qwant.com ,12 (0.1% of visits)
sbcglobal.net ,11 (0.1% of visits)
sprious.com ,10 (0.1% of visits)
completel.net ,10 (0.1% of visits)
gthost.com ,10 (0.1% of visits)
secureserver.net ,9 (0.1% of visits)
quadranet.com ,9 (0.1% of visits)
rr.com ,9 (0.1% of visits)
jscriptsdev.com ,9 (0.1% of visits)
ip-167-114-175.net ,9 (0.1% of visits)
scaleway.com ,8 (0.1% of visits)
dnspure.com ,8 (0.1% of visits)
baidu.com ,8 (0.1% of visits)
directwebhost.org ,8 (0.1% of visits)
chinaunicom.com ,7 (0.1% of visits)
verizon.net ,7 (0.1% of visits)
datapacket.com ,7 (0.1% of visits)
spectrum.com ,7 (0.1% of visits)
secqin.com ,7 (0.1% of visits)
cdn77.com ,6 (0.1% of visits)
hostry.com ,6 (0.1% of visits)
onyphe.net ,6 (0.1% of visits)
nextconnex.net ,5 (0% of visits)
fbsv.net ,5 (0% of visits)
comdevelopment.com ,5 (0% of visits)
bluehost.com ,5 (0% of visits)
rima-tde.net ,5 (0% of visits)
totalplay.net ,5 (0% of visits)
ip-192-99-18.net ,5 (0% of visits)
netsystemsresearch.com ,5 (0% of visits)
jumpingroo.com ,4 (0% of visits)
scalabledns.com ,4 (0% of visits)
servebyte.com ,4 (0% of visits)
prcdn.net ,4 (0% of visits)
btcentralplus.com ,4 (0% of visits)
ColocationAmerica.com ,4 (0% of visits)
hostwindsdns.com ,4 (0% of visits)
web-hosting.com ,4 (0% of visits)
cargojet.com ,4 (0% of visits)
ip-144-217-190.net ,4 (0% of visits)
ip-51-79-111.net ,4 (0% of visits)
ovh.net ,4 (0% of visits)
inwitelecom.net ,3 (0% of visits)
ip-158-69-252.net ,3 (0% of visits)
puregig.net ,3 (0% of visits)
ip-167-114-124.net ,3 (0% of visits)
cantv.net ,3 (0% of visits)
wiredns.net ,3 (0% of visits)
zare.com ,3 (0% of visits)
domaincrawler.com ,3 (0% of visits)
clientshostname.com ,3 (0% of visits)
rootlayer.net ,3 (0% of visits)
rch003.net ,3 (0% of visits)
ip-167-114-172.net ,3 (0% of visits)
bitdefender.net ,2 (0% of visits)
coldhak.com ,2 (0% of visits)
cox.net ,2 (0% of visits)
mycdz.com ,2 (0% of visits)
skyeris.net ,2 (0% of visits)
ptklp.com ,2 (0% of visits)
websitewelcome.com ,2 (0% of visits)
example.com ,2 (0% of visits)
2com.net ,2 (0% of visits)
plus.net ,2 (0% of visits)
rederatural.com ,2 (0% of visits)
telia.com ,2 (0% of visits)
virginm.net ,2 (0% of visits)
ip-142-44-251.net ,2 (0% of visits)
startdedicated.com ,2 (0% of visits)
sonic.net ,2 (0% of visits)
hinet.net ,2 (0% of visits)
hostdime.com ,2 (0% of visits)
totinternet.net ,2 (0% of visits)
triolan.net ,2 (0% of visits)
ip-51-222-50.net ,2 (0% of visits)
hecombawatedly.com ,2 (0% of visits)
ip-142-44-138.net ,2 (0% of visits)
accesskenya.net ,2 (0% of visits)
ip-51-161-57.net ,2 (0% of visits)
Borealisbroadband.net ,2 (0% of visits)
uelockies.com ,2 (0% of visits)
ip-198-245-49.net ,2 (0% of visits)
prismwebnets.com ,2 (0% of visits)
ip-167-114-150.net ,2 (0% of visits)
cipherwave.net ,2 (0% of visits)
ip-51-79-116.net ,2 (0% of visits)
hidehost.net ,2 (0% of visits)
ip-167-114-90.net ,2 (0% of visits)
lagranfrancia.com ,2 (0% of visits)
glesys.net ,2 (0% of visits)
fasternetwork.com ,2 (0% of visits)
ip-51-222-43.net ,2 (0% of visits)
group-ib.com ,2 (0% of visits)
ip-51-222-151.net ,2 (0% of visits)
kpn.net ,2 (0% of visits)
contabo.net ,2 (0% of visits)
hargray.net ,1 (0% of visits)
ipvnow.com ,1 (0% of visits)
nephosdns.com ,1 (0% of visits)
rcncustomer.com ,1 (0% of visits)
serverhotell.net ,1 (0% of visits)
telkomsa.net ,1 (0% of visits)
superonline.net ,1 (0% of visits)
as13285.net ,1 (0% of visits)
avast.com ,1 (0% of visits)
ip-192-99-225.net ,1 (0% of visits)
cloudradium.com ,1 (0% of visits)
linuxpl.com ,1 (0% of visits)
rogers.com ,1 (0% of visits)
metronethn.com ,1 (0% of visits)
64m.org ,1 (0% of visits)
telecom-solution.com ,1 (0% of visits)
ip-192-95-29.net ,1 (0% of visits)
ip-66-70-203.net ,1 (0% of visits)
cloudedic.net ,1 (0% of visits)
xo.net ,1 (0% of visits)
luisgermano.com ,1 (0% of visits)
cavtel.net ,1 (0% of visits)
ip-142-4-195.net ,1 (0% of visits)
silverstar.com ,1 (0% of visits)
InterCable.net ,1 (0% of visits)
abilitybusinesscomputing.com ,1 (0% of visits)
sciencescores.com ,1 (0% of visits)
airtelkenya.com ,1 (0% of visits)
foundationapi.com ,1 (0% of visits)
i3d.net ,1 (0% of visits)
protedtmailsrv22.com ,1 (0% of visits)
edns1.com ,1 (0% of visits)
i-tera.com ,1 (0% of visits)
tangobacchus.com ,1 (0% of visits)
m247.com ,1 (0% of visits)
othush.com ,1 (0% of visits)
eu.org ,1 (0% of visits)
fex.net ,1 (0% of visits)
appliedprivacy.net ,1 (0% of visits)
dnsserverboot.com ,1 (0% of visits)
volia.net ,1 (0% of visits)
lockingall.com ,1 (0% of visits)
promocloud.net ,1 (0% of visits)
2i3.net ,1 (0% of visits)
dsci-net.com ,1 (0% of visits)
online.net ,1 (0% of visits)
opera-mini.net ,1 (0% of visits)
pldt.net ,1 (0% of visits)
ip-51-161-120.net ,1 (0% of visits)
h0sted.net ,1 (0% of visits)
torservers.net ,1 (0% of visits)
as42926.net ,1 (0% of visits)
dslextreme.com ,1 (0% of visits)
datection.net ,1 (0% of visits)
ricetell.com ,1 (0% of visits)
bhn.net ,1 (0% of visits)
tedata.net ,1 (0% of visits)
vuhuv.com ,1 (0% of visits)
free-face-sitting.com ,1 (0% of visits)
sitting.com ,1 (0% of visits)
royal-watches.com ,1 (0% of visits)
246.net ,1 (0% of visits)
serverastra.com ,1 (0% of visits)
azimut-r.net ,1 (0% of visits)
proxad.net ,1 (0% of visits)
svea.net ,1 (0% of visits)
mivocloud.com ,1 (0% of visits)
keff.org ,1 (0% of visits)
webhop.net ,1 (0% of visits)
no-reverse-dns-configured.com ,1 (0% of visits)
quintex.com ,1 (0% of visits)
qwest.net ,1 (0% of visits)
serveroffer.net ,1 (0% of visits)
cloudlinkd.com ,1 (0% of visits)
idknet.com ,1 (0% of visits)
turk.net ,1 (0% of visits)
windstream.net ,1 (0% of visits)
gtt.net ,1 (0% of visits)
aglyptrutivin.com ,1 (0% of visits)
myaisfibre.com ,1 (0% of visits)
cosmoyard.com ,1 (0% of visits)












Webbot/Spiders (A-Z list)


007ac9.net ,15
246.net ,1
2com.net ,2
2i3.net ,1
64m.org ,1
Borealisbroadband.net ,2
ColocationAmerica.com ,4
InterCable.net ,1
abilitybusinesscomputing.com ,1
accesskenya.net ,2
aglyptrutivin.com ,1
airtelkenya.com ,1
amazonaws.com ,1187
apple.com ,102
appliedprivacy.net ,1
as13285.net ,1
as42926.net ,1
aspiegel.com ,27
avast.com ,1
azimut-r.net ,1
baidu.com ,8
bhn.net ,1
bitdefender.net ,2
bluehost.com ,5
btcentralplus.com ,4
cantv.net ,3
cargojet.com ,4
cavtel.net ,1
cdn77.com ,6
chinaunicom.com ,7
cipherwave.net ,2
clientshostname.com ,3
cloudedic.net ,1
cloudlinkd.com ,1
cloudradium.com ,1
cloudsystemnetworks.com ,173
coldhak.com ,2
colocrossing.com ,61
comdevelopment.com ,5
completel.net ,10
contabo.net ,2
contaboserver.net ,24
cosmoyard.com ,1
cox.net ,2
datapacket.com ,7
dataprovider.com ,20
datection.net ,1
directwebhost.org ,8
dnspure.com ,8
dnsserverboot.com ,1
domaincrawler.com ,3
dreamhost.com ,13
dsci-net.com ,1
dslextreme.com ,1
duckduckgo.com ,16
edns1.com ,1
eu.org ,1
example.com ,2
fasternetwork.com ,2
fbsv.net ,5
fex.net ,1
foundationapi.com ,1
free-face-sitting.com ,1
glesys.net ,2
google.com ,33
googlebot.com ,1719
googleusercontent.com ,357
group-ib.com ,2
gthost.com ,10
gtt.net ,1
h0sted.net ,1
h12-media.com ,35
hargray.net ,1
hecombawatedly.com ,2
hidehost.net ,2
hinet.net ,2
hostdime.com ,2
hostry.com ,6
hostwindsdns.com ,4
hwclouds-dns.com ,65
i-tera.com ,1
i3d.net ,1
idknet.com ,1
internet-census.org ,69
inwitelecom.net ,3
ip-142-4-195.net ,1
ip-142-44-138.net ,2
ip-142-44-251.net ,2
ip-144-217-190.net ,4
ip-158-69-252.net ,3
ip-167-114-124.net ,3
ip-167-114-150.net ,2
ip-167-114-172.net ,3
ip-167-114-175.net ,9
ip-167-114-90.net ,2
ip-192-95-29.net ,1
ip-192-99-18.net ,5
ip-192-99-225.net ,1
ip-198-245-49.net ,2
ip-51-161-120.net ,1
ip-51-161-57.net ,2
ip-51-222-151.net ,2
ip-51-222-43.net ,2
ip-51-222-50.net ,2
ip-51-79-111.net ,4
ip-51-79-116.net ,2
ip-66-70-203.net ,1
ipvnow.com ,1
ispsystem.net ,24
jscriptsdev.com ,9
jumpingroo.com ,4
keff.org ,1
kpn.net ,2
kyivstar.net ,26
lagranfrancia.com ,2
linode.com ,14
linuxpl.com ,1
lipperhey.com ,19
lockingall.com ,1
luisgermano.com ,1
m247.com ,1
metronethn.com ,1
mivocloud.com ,1
msn.com ,721
myaisfibre.com ,1
mycdz.com ,2
mycingular.net ,69
myvzw.com ,83
nephosdns.com ,1
netsystemsresearch.com ,5
nextconnex.net ,5
no-reverse-dns-configured.com ,1
okitup.net ,24
omnis.com ,605
online.net ,1
onr.com ,17
onyphe.net ,6
opera-mini.net ,1
othush.com ,1
ovh.net ,4
pagething.com ,104
pldt.net ,1
plus.net ,2
prcdn.net ,4
prismwebnets.com ,2
promocloud.net ,1
protedtmailsrv22.com ,1
proxad.net ,1
ptklp.com ,2
puregig.net ,3
quadranet.com ,9
quintex.com ,1
qwant.com ,12
qwest.net ,1
rch003.net ,3
rcncustomer.com ,1
rederatural.com ,2
ricetell.com ,1
rima-tde.net ,5
rogers.com ,1
rootlayer.net ,3
royal-watches.com ,1
rr.com ,9
sbcglobal.net ,11
scalabledns.com ,4
scaleway.com ,8
sciencescores.com ,1
secqin.com ,7
secureserver.net ,9
servebyte.com ,4
serverastra.com ,1
serverhotell.net ,1
serveroffer.net ,1
silverstar.com ,1
sitting.com ,1
skyeris.net ,2
sogou.com ,4163
sonic.net ,2
spectrum.com ,7
sprious.com ,10
startdedicated.com ,2
superonline.net ,1
svea.net ,1
tangobacchus.com ,1
tedata.net ,1
telecom-solution.com ,1
telia.com ,2
telkomsa.net ,1
tmodns.net ,128
torservers.net ,1
totalplay.net ,5
totinternet.net ,2
triolan.net ,2
turk.net ,1
uelockies.com ,2
verizon.net ,7
virginm.net ,2
volia.net ,1
vuhuv.com ,1
vultr.com ,55
web-hosting.com ,4
webhop.net ,1
webnx.com ,36
websitewelcome.com ,2
windstream.net ,1
wiredns.net ,3
xo.net ,1
zare.com ,3


















Webbot visits to Infojet.org since 1-JAN-2020



















Webbot visits to Infojet.org since 1-JAN-2020













Small Business CyberSecurity 3-step Fast-List:

(1) Business Continuity Plan and BACKUPs(ENCRYPTED)-- Have malware-free backups of encrypted data ready to maintain operations after a cyber-event. Have a ready-to-go Business continuity plan. Your business continuity plan should be ready to snap into place to keep business operating without interuption.)

(2) UPDATEs-- Automatically update and automatically encrypt all hardware and software. Only use Apple or Chrome computers if possible. Ensure full encryption is used on all data in all phases (in-transit, in-storage, in-memmory).

(3) TRAINING-- Train yourself and all staff to never click on any links in any type of messages (emails, instant messages, text messages, etc.) or on any attachments in any messages. When reading messages, put your hands behind your back and only view, but not touch, any messages, or you will be fired!!


Cyber security resouces:
NIST Cybersecurity Framework
CISA Cyber Essentials
Checklist from your cyberinsurance provider (AIG has a 40 item checklist)
FINRA's cyber security checklist for small business
IRS's Safeguarding Taxpayer Data cybersecurity checklist (pub. 4557) & pub 5293
NIST Small Business Information Security
NIST Small Business Cybersecurity Corner



If your business is planning to operate 100% offsite, in the cloud, such as a tax firm running Chromebooks, Google Workspace and Intuit ProConnect, your number one priority will be to control access to your cloud resources through strict user and device management.


Most cybersecurity checklists are far too long, too detailed and too full of confusing jargon for most small businesses to successfully implement or implement in a timely manner. Because of these factors as well as the time and cost to fully implement a comprehensive cybersecurity program, many small businesses feel overwhelmed and do almost nothing (except for activating automatic updates on software) hoping they will not get hit.

Your small business will likely experience a cyber-event of some type in the future. Just make sure all of your systems are (1) automatically updated, (2) have a malware-free backup system ready to snap into place to keep your business going and (3) ensure all data is encrypted with the highest level of encryption available (AES-256) so you can assure affected parties that any data lost from a cyber event cannot by viewed cyber invaders (If the cyber invaders have your data but do not have your encryption key, they cannot view your data. Currently, AES-256 encryption would take hundreds of years to break with today's computing resources.).


Cyber Review (Traveler's Insurance)


CyberSecurity Videos (Traveler's CyberInsurance)



6 Basic foundations for a Secure Network:

CIS Control 1: Identify and Control of Hardware Assets (Are only authorized devices allowed to connect to network?)


CIS Control 2: List and Control of Software Assets (Are only authorized software programs run on the network?)


CIS Control 3: Continuously Assess for & Eliminate Network Vulnerabilities (Is the network checked & cleaned of vulnerabilities?)


CIS Control 4: Are Administrative Privileges controlled and monitored (Are only the bare minimal administrative rights granted to perform tasks?)


CIS Control 5: Secure configuration of network devices (Are network devices securely configured? Are device manufacturers' default settings changed to secure settings?) (secure benchmark refs: CIS, NIST NCP)


CIS Control 6: Monitor, Analyze and Maintain network logs (Are network logs analyzed, monitored, maintained and checked for integrity for later investigation to understand current or potential cyber attacks?)


Key Cybersecurity Resources (for planning for and creating a secure operation-source for cybersecurity frameworks):
Center for Internet Security (CIS)

NIST Cybersecurity Framework(Identify, Protect, Detect, Respond, Recover)

References for CyberAlerts/CyberEvents:
CYBERSECURITY & INFRASTRUCTURE SECURITY AGENCY

US-CERT

NSA Cybersecurity Advisories






MITRE Attack Framework (displays attacker techniques)





Federal Communications Commission (FCC) Cyberplanner





Federal Trade Commission (FTC) Cybersecurity for Small Business








IRS Security Nine (FAT BET VUR):
(1) Firewall
(2) Anti-malware
(3) Two-Factor Authentication for all accounts (Online tax software, MS 365, Google Workspace, etc.)
(4) Backups of data to a secured location offnetwork or in the cloud secured with two-factor authentication. Practice restoring your backups to a live environment to ensure your data is actually fully restored.
(5) Encryption of all data and devices (use 7zip to encrypt data and store in external drive or encrypted cloud storage like Google Drive in Google Workspace (Enterprise edition)
(6) Training for all staff and decision makers, have data confidentiality and data security agreement policy on logon screen so staff see it and agree to it at each logon.
(7) Virtual Private Network (VPN) connection to the internet (use ProtonVPN)
(8) Update everything automatically
(9) Review ALL Terms of Use agreements with any online service that will handle entity data, (for incidents, Recover and Report) (3-step incident response plan: Identify, Assess, Recover/Report)






IRS Data Security Plan required by the Federal Trade Commission (FTC) Safeguards Rule:



FTC Safeguaurds Rule

Complying with the FTC Safeguards Rule





CISA 1-page Ransomware Fast Tips





CISA Cybersecurity planning questions/table top exercises





US Secret Service Cybersecurity planning guides











CISA Resources (Cyber Self-Assessments)





CISA Incident Reporting Form (for Federal Information Security Modernization Act of 2014 (44 USC 3552), FISMA related incidents and violations)


The Federal Information Security Modernization Act of 2014 (FISMA) defines incident as an occurrence that (A) actually or imminently jeopardizes, without lawful authority, the integrity, confidentiality, or availability of information or an information system; or (B) constitutes a violation or imminent threat of violation of law, security policies, security procedures, or acceptable use policies.




Notification Requirement

Agencies must report information security incidents, where the confidentiality, integrity, or availability of a federal information system of a civilian Executive Branch agency is potentially compromised, to the NCCIC/US-CERT with the required data elements, as well as any other available information, within one hour of being identified by the agency’s top-level Computer Security Incident Response Team (CSIRT), Security Operations Center (SOC), or information technology department. In some cases, it may not be feasible to have complete and validated information for the section below (Submitting Incident Notifications) prior to reporting. Agencies should provide their best estimate at the time of notification and report updated information as it becomes available. Events that have been found by the reporting agency not to impact confidentiality, integrity or availability may be reported voluntarily to US-CERT; however, they may not be included in the FISMA Annual Report to Congress.




In 1986, theUnited States Congress enacted the Computer Fraud and Abuse Act (CFAA), as an amendment to18 U.S.C. 1030. The CFAA has since been amended multiple times to address advancements in technologyand cybercrime. The CFAA criminalizes knowingly accessing a computer without authorization, obtainingprotected information, with the intent to defraud, intentionally causing unauthorized damage to a protectedcomputer, knowingly and with intent to defraud trafficking in passwords or access information, and extortioninvolving computers.







Small business Cybersecurity Road Map, one-page poster/cartoon (CISA)








CISA Small Business Cyberessentials





CISA Small Business Cyberessentials Starter kit





CISA Small Business Cyberessentials Starter Kit, by Chapter











CISA CyberEssentials Fast List

Managing cyber risks requires building a Culture of Cyber Readiness. The Culture of Cyber Readiness has six Essential Elements:

Yourself

You, as leader of your organization are an essential element of your organization’s Culture of Cyber Readiness. Your task for this element is to drive cybersecurity strategy, investment and culture.

Actions For Leaders

Action to Take in Consultation with IT

To learn more about how you can drive cybersecurity strategy, investment and culture, explore the Cyber Essentials Toolkit on this element.

Your Staff

As users of your organization’s digital equipment and systems, your staff are essential elements of your organization’s Culture of Cyber Readiness. Your task for this element is to develop cybersecurity awareness and vigilance.

Actions For Leaders

Actions to Take in Consultation with IT

Your Systems

As the infrastructure that makes your organization operational, your systems are an essential element of your organization’s Culture of Cyber Readiness. Your task for this element is to protect critical assets and applications.

Action For Leaders

Actions to Take in Consultation with IT

Your Surroundings

As your organization’s digital workplace, this is an essential element of your organization’s Culture of Cyber Readiness. Your task for this element is to ensure only those who belong on your digital workplace have access to it.

Actions to Take in Consultation with IT

Your Data

Your data, intellectual property, and other sensitive information is what your organization is built on. As such, it is an essential element of your organization’s Culture of Cyber Readiness. Your task for this element is to make backups and avoid loss of information critical to operations.

Action For Leaders

Actions to Take in Consultation with IT

Your Crisis Response

As your strategy for responding to and recovering from compromise, this is an essential element of your organization’s Culture of Cyber Readiness. Your task for this element is to limit damage and quicken restoration of normal operations.

Actions For Leaders

Action to Take in Consultation with IT

Booting Up: Things to Do First

Even before your organization has begun to adopt a Culture of Cyber Readiness, there are things you can begin doing today to make your organization more prepared against cyber risks.

Backup Data

Employ a backup solution that automatically and continuously backs up critical data and system configurations.

Multi-Factor Authentication

Require multi-factor authentication (MFA) for accessing your systems whenever possible. MFA should be required of all users, but start with privileged, administrative, and remote access users.

Patch &Update Management

Enable automatic updates whenever possible. Replace unsupported operating systems, applications and hardware. Test and deploy patches quickly.













Recommendations

CISA recommends that users and administrators consider using the following best practices to strengthen the security posture of their organization's systems. Any configuration changes should be reviewed by system owners and administrators prior to implementation to avoid unwanted impacts.

Additional information on malware incident prevention and handling can be found in National Institute of Standards and Technology (NIST) Special Publication 800-83, Guide to Malware Incident Prevention & Handling for Desktops and Laptops.




Questions Every CEO Should Ask About Cyber Risks




Cybersecurity evolution should eventually lead to a zero-trust environment where devices, services and people will be required to continually request access to critical systems and data. Unless otherwise stated, all access is denied by default in a zero trust environment.

See the US National Security Agency's overview of a Zero-Trust environment


NSA Zero-Trust Model


































































































INFOJET(back to top)