NSA + CISA = CSA?
If you are in IT, or around tech, you should really listen to Security Now by Steve Gibson, with Leo Laporte. (https://www.grc.com/securitynow.htm) In this week's episode, a new report released by the NSA and CISA was discussed.
The CSA - (https://www.cisa.gov/news-events/alerts/2023/10/05/nsa-and-cisa-release-advisory-top-ten-cybersecurity-misconfigurations) a report that covers the Top Ten Cybersecurity Misconfigurations is a great read and reference.
We are in an ever-increasing attack-based world. Dwell time, or the time that threat actors wait to deploy ransomware has shrunk from 4 days, to merely hours in most cases now.
The MGM Grand hack will continue to underscore just how crippling an attack can be - with an estimated cost of $100 million to recover from.
The CSA outlines many things that those of us in the IT space for any length of time scratch our heads at - like default passwords, or firmware that isn't upgradable (see IOT devices at risk). However, they are still found to be the norm in too many places.
Take a few moments, read through the document, and do your part to help make your home and company networks a little bit safer.
While you're at it, subscribe to the podcast and learn a little more each week about the top security news!
CloudTruth co-founder & CPO
1 年Important for all to read this advisory. Here's a good resource to learn more about misconfigurations. https://www.cloudtruth.com/solve-misconfigurations