Reposted from CISA/DHS
The Cybersecurity and Infrastructure Security Agency (CISA) published Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a U.S. Critical Infrastructure Sector Organization. This advisory provides network defenders and software manufacturers with recommendations for improving their cybersecurity posture, based on lessons learned and key findings from the assessment. Key findings of ineffective cybersecurity practices in this advisory include:
- Perimeter network was not adequately firewalled from its internal network.
- Over-reliance on host-based tools and lack of network-layer protections, such as well-configured web proxies or intrusion prevention systems (IPS).
- Insufficient monitoring of legacy hosts, which lacked a local endpoint detection and response (EDR) solution.
- Insecure configurations on multiple systems, including default server configurations, hosts with unconstrained delegation enabled unnecessarily, and insecure account configurations.
- No review of security alerts by network defenders.
- Inadequate identity management.
- Use of known insecure and outdated software.
Lessons learned from this assessment include:
- Assess and ensure sufficient technical controls to prevent and detect malicious activity.
- Require continuous training, support, and resources to implement secure software configurations and detect malicious activity.
- Effective organizational leadership does not minimize the business risk of known attack vectors or deprioritize the treatment of a vulnerability that its own cybersecurity team has identified.
CISA encourages all organizations to review this advisory and apply the recommended mitigations, which will help ensure that security processes and procedures are up to date and effective.
CISA also urges software manufacturers to embrace Secure by Design principles and implement the recommended actions and mitigations to improve security outcomes for their customers against real-world threats. The findings in this advisory illustrate the outsized burden and costs of compensating for insecure software and hardware that are borne by critical infrastructure owners and operators.