Light Dark
September 15, 2022 By Mark Stone 3 min read
Government
Risk Management

The Cybersecurity and Infrastructure Security Agency (CISA) recently published a report highlighting a range of critical security vulnerabilities requiring attention from organizations of all types. The report was published with input from the National Security Agency (NSA) and similar agencies worldwide. It should be considered essential reading.

Many of the vulnerabilities in the report are not new. Instead, the report underscores a new level of awareness regarding how severe they are. Another important point to note is that these are not theoretical; they’re routinely abused by bad actors.

This article will explore what this report means for organizations and why the vulnerabilities mentioned are so relevant. Plus, see how you can effectively prioritize them.

The CISA report: What’s at stake?

In a recent release, CISA Director Jen Easterly highlighted the report’s findings.

“These vulnerabilities pose an unacceptable risk to federal network security,” she said. “We also strongly urge every organization — large and small — to follow the federal government’s lead and take similar steps to safeguard their networks.”

According to CISA, the vulnerabilities themselves take the form of a server-side template injection. It can cause remote code execution, escalate privileges to ‘root’ and allow threat actors to obtain admin access without the need to authenticate.

As a result, businesses need to be aware of these issues. It’s critical to take the right steps to protect against them. Make sure your teams are aware of and prepared for these threats.

Best practices for addressing the challenges

To understand the best way to handle the vulnerabilities in the report, it’s important to acknowledge the most common weaknesses businesses face today.

According to the NSA, these are:

  • Failing to enforce multi-factor authentication
  • Applying privileges or permissions poorly
  • Errors within access control lists
  • Failing to keep software up to date.

So, what can you do to mitigate these weaknesses and build more effective defenses against security vulnerabilities? NSA recommends starting with mitigations that control access, harden credentials and establish centralized log management.

This strategy requires close teamwork between multiple elements of your business.

Rallying your team around weak points

As a general rule of thumb, make sure your teams are aware of weak points and the steps they must take to mitigate them.

Most of the time, it helps to hold regular meetings and training to ensure everyone is up to date. These can minimize or remove confusion. Encourage questions from all stakeholders, and distribute resources to help everyone stay educated and aware.

Building a non-alarmist business case for more support

Building effective defense isn’t just a job for security teams. It’s an all-hands effort that never exists in a vacuum and impacts everyone to some degree. One of the key duties of security leaders is gaining support from decision-makers and stakeholders. Without them, you can’t obtain the resources and backing to do the best job possible.

As a result, you’ll need to build a compelling business case for more support.

Here’s how:

  • Clearly link security projects to business outcomes. Demonstrate how greater investment in security benefits the business from a financial perspective. Highlight how failing to put digital defense can be costly.

  • Don’t use overly technical language. Speak in plain English wherever possible, and be prepared to clarify or explain certain points if needed.

  • Use hard data as much as possible. Again, link back to relevant business metrics. Show how increased security support can impact things like return on investment in concrete terms.

  • Avoid being overly alarmist or negative. Instead of presenting security solely as a way to avoid disaster, frame it positively as a means to increase the value of the business and enable more productive work.

Use the right security tools

The good news is that there are a wealth of tools to help combat the threats in the CISA report.

Companies can use tools to assess vulnerabilities and help choose which ones to patch first. This allows you to take a more structured and evidence-based approach, helping you focus your efforts and resources where they’re most needed for maximum effect.

Here are some of the tools you can use to stay on top of threats, prioritize well and defend against them before they happen:

  • Endpoint Detection and Response — gathers info across a wide range of endpoints to maintain insight into threats

  • SIEM — collects and analyzes events and works with other data sources to help detect threats and manage incidents

  • Network Detection and Response (NDR) — monitors entire networks and uses data analytics and machine learning to detect and deal with threats

  • SOAR — a suite of different tools, all aimed at learning more about threats and responding without the need for human control.

A mix of solutions

Using the right mix of tools and knowing how to use them with maximum efficiency is essential if you want to stay on top of vulnerabilities and keep your organization secure. The right tools allow you to prioritize threats so you can concentrate on the most serious sources of danger without spreading your resources too thin.

As a result, it’s essential to have a good command of all your different tools that empower you to easily identify threats and prioritize and respond quickly and accurately.

 |  |  |  |  |  | 
Mark Stone

More from Government
October 17, 2023

Cyber experts applaud the new White House cybersecurity plan

4 min read - First, there was a strategy. Now, there’s a plan. The Biden Administration recently released its plan for implementing the highly anticipated national cybersecurity strategy published in March. The new National Cybersecurity Strategy Implementation Plan (NCSIP) lays out specific deadlines and responsibilities for the White House’s vision for cybersecurity. The plan is being managed by the White House’s Office of the National Cyber Director (ONCD). Cybersecurity experts have applauded the Administration’s plan as well as the new implementation calendar. For example,…

September 19, 2023

How the FBI Fights Back Against Worldwide Cyberattacks

5 min read - In the worldwide battle against malicious cyberattacks, there is no organization more central to the fight than the Federal Bureau of Investigation (FBI). And recent years have proven that the bureau still has some surprises up its sleeve. In early May, the U.S. Department of Justice announced the conclusion of a U.S. government operation called MEDUSA. The operation disrupted a global peer-to-peer network of computers compromised by malware called Snake. Attributed to a unit of the Russian government Security Service,…

September 18, 2023

How NIST Cybersecurity Framework 2.0 Tackles Risk Management

4 min read - The NIST Cybersecurity Framework 2.0 (CSF) is moving into its final stages before its 2024 implementation. After the public discussion period to inform decisions for the framework closed in May, it’s time to learn more about what to expect from the changes to the guidelines. The updated CSF is being aligned with the Biden Administration’s National Cybersecurity Strategy, according to Cherilyn Pascoe, senior technology policy advisor with NIST, at the 2023 RSA Conference. This sets up the new CSF to…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature