| Lack of Ransomware and Threat Protection Alerts in Backup System |
Edit
|
| Lack of Endpoint Detection and Response (EDR), Behavioral Analysis, Malware, or Ransomware Detection |
Edit
|
| Absence of Formal IT Committee |
Edit
|
| Lack of Change Control and Issue Tracking |
Edit
|
| Lack of Formal Enterprise Ticketing System |
Edit
|
| Lack of Comprehensive Network Infrastructure Documentation |
Edit
|
| Enhance Cybersecurity Training Platform |
Edit
|
| Lack of Bank Involvement in Annual DR Testing |
Edit
|
| Bank Management can benefit from Access to RMM Tools |
Edit
|
| Network Segmentation Gaps |
Edit
|
| ATMs Not Segmented |
Edit
|
| Lack of Mobile Device Management |
Edit
|
| Email DomainKeys Identified Mail (DKIM) Security Failing Validation |
Edit
|
| Email Domain-based Message Authentication, Reporting, and Conformance (DMARC) Failing Validation |
Edit
|
| Presence of Legacy Onsite Exchange Server |
Edit
|
| Running Unsupported / Unlicensed VMware with No Access to Security Patches |
Edit
|
| Microsoft 365 Default Settings and Lack of Hardening |
Edit
|
| Lack of MS365 Cloud Security (e.g., Huntress ITDR) |
Edit
|
| Lack of Microsoft 365 Backup |
Edit
|
| Lack of Multifactor Authentication on VPN |
Edit
|
| Absence of Hardware and Software Lifecycle Management |
Edit
|
| Establish a Hardware Lifecycle Replacement Policy |
Edit
|
| Absence of an Executive IT Health Reports |
Edit
|
| Implement a Robust Remote Monitoring and Management (RMM) Solution |
Edit
|
| Implement a Robust IT Documentation System |
Edit
|
| Absence of Monthly Vulnerability Scanning and Remediation |
Edit
|