December 3, 2023

The US CISA has issued a new report outlining baseline cybersecurity performance goals for all critical infrastructure sectors.

The document is the result of a July 2021 security memorandum signed by President Biden. It has tasked CISA and the NIST with creating fundamental cybersecurity practices for critical infrastructure, mainly to help small- and medium-sized enterprises improve their cybersecurity efforts.

The goals have been established based on existing cybersecurity frameworks and guidance. They also rely on real-world threats and adversary TTPs observed by CISA and its partners. The plan to update these goals every six to 12 months.

Advertisements

As technologies evolve, the risks, TTPs and scope will naturally change. This, coupled with the evolution of Industrial Revolution 4.0, will morph the recommendations and outcomes as appropriate.

The executive added that CISA’s plans to draft sector-specific goals with regulatory agencies may become challenging to maintain over time without close involvement with industry vertical operators.

The CISA report comes months after researchers discovered more than 8000 exposed Virtual Network Computing (VNC) instances that could lead to remote compromise attacks against critical infrastructure organizations.

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – November, 2023

December 2, 2023

Staples affected by a Cyber Attack

December 2, 2023

CISA KEV Update Part I – December 2023

December 1, 2023 2

Dollar Tree Affected by a Third Party Breach

December 1, 2023

Apple Patches iOS zerodays – CVE-2023-42916 and CVE-2023-42917

December 1, 2023

TheCyberThrone Security Week In Review – November 25, 2023

November 30, 2023
%d bloggers like this: