Welcome to our Cyber Security News Aggregator. Cyber Tzar provide a cyber security risk management platform, including automated penetration tests and risk assessments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Security organisations highlight the top 10 cyber security misconfigurations

published on 2023-10-18 13:07:36 UTC by philviles
Content:

The NSA (National Security Agency) in conjunction with CISA (Cyber and Infrastructure Agency) have released an advisory to educate the wider public on their findings relating to the top ten cyber security misconfigurations.

The guidance aims to help organisations identify and remediate the potential security flaws in order to harden defences.

The below list detailing the top misconfigurations was compiled from the findings of both offensive and defensive assessments conducted by the NSA and CISA threat hunt and incident response teams.

  1. Default configurations of software and applications
  2. Improper separation of user/administrator privilege
  3. Insufficient internal network monitoring
  4. Lack of network segmentation
  5. Poor patch management
  6. Bypass of system access controls
  7. Weak or misconfigured multifactor authentication (MFA) methods
  8. Insufficient access control lists (ACLs) on network shares and services
  9. Poor credential hygiene
  10. Unrestricted code execution

Highlighting these misconfigurations equips organisations with the knowledge that the problems they face are not local to just their organisation.

It may also identify areas that are being overlooked and, given their prevalence, warrant prompt attention, and pinpoint areas that could potentially be exploited by interested threat actors.

In the advisory, as well as highlighting potential areas for improvement, there are sections dedicated to providing mitigation advice.

To some, this information may appear routine or cliché. However, the advisory is evidence that organisations are not adequately addressing these problems. Those in a position to implement technical changes are therefore encouraged to review the advisory and consider implementing changes, where appropriate, or to use the advisory to help strengthen their discussions regarding the threat that any existing problems pose.

Worried about your cyber security measures and unsure what to do? Contact us, we can help either directly, or act as an impartial broker for our Cyber Essentials Partners.


Reporting

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).


Published: 2023 10 18 13:07:36
Received: 2023 12 14 17:05:28
Feed: The Cyber Resilience Centre for the East Midlands
Source: National Cyber Resilience Centre Group
Category: News
Topic: Cyber Security