June 9, 2023

The US CISA has issued a new report outlining baseline cybersecurity performance goals for all critical infrastructure sectors.

The document is the result of a July 2021 security memorandum signed by President Biden. It has tasked CISA and the NIST with creating fundamental cybersecurity practices for critical infrastructure, mainly to help small- and medium-sized enterprises improve their cybersecurity efforts.

The goals have been established based on existing cybersecurity frameworks and guidance. They also rely on real-world threats and adversary TTPs observed by CISA and its partners. The plan to update these goals every six to 12 months.

Advertisements

As technologies evolve, the risks, TTPs and scope will naturally change. This, coupled with the evolution of Industrial Revolution 4.0, will morph the recommendations and outcomes as appropriate.

The executive added that CISA’s plans to draft sector-specific goals with regulatory agencies may become challenging to maintain over time without close involvement with industry vertical operators.

The CISA report comes months after researchers discovered more than 8000 exposed Virtual Network Computing (VNC) instances that could lead to remote compromise attacks against critical infrastructure organizations.

Tags:

Leave a Reply

You may have missed

ACT Government Victim of Barracuda ESG Vulnerability

ACT Government Victim of Barracuda ESG Vulnerability

June 9, 2023
Anonymous Sudan Claims Responsible for Outlook Outages

Anonymous Sudan Claims Responsible for Outlook Outages

June 9, 2023
Visual Studio Bug Results in Takeover

Visual Studio Bug Results in Takeover

June 8, 2023
Cisco Fixes Secure Client Security Flaw

Cisco Fixes Secure Client Security Flaw

June 8, 2023
CISA Releases Guidelines on RMM

CISA Releases Guidelines on RMM

June 8, 2023
CrowdStrike Platform Enhancements

CrowdStrike Platform Enhancements

June 8, 2023
%d bloggers like this: