NSA and CISA reveal top 10 cybersecurity misconfigurations – Do These Directly Affect You?
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) revealed today the top ten most common cybersecurity misconfigurations. The advisory describes the tactics, techniques, and procedures that threat actors use to exploit these misconfigurations when targeting sensitive information or systems.
Is your network at risk? If any of the following items concern you, or if you're completely unaware of them, it's time to call in an Ambit specialist. We can identify, address, and resolve issues before they become problematic.
The top 10 most prevalent network misconfigurations
Default configurations of software and applications
Improper separation of user/administrator privilege
Insufficient internal network monitoring
Lack of network segmentation
Poor patch management
Bypass of system access controls
Weak or misconfigured multifactor authentication (MFA) methods
Insufficient access control lists (ACLs) on network shares and services
Poor credential hygiene
Unrestricted code execution
"These assessments have shown how common misconfigurations, such as default credentials, service permissions, and configurations of software and applications; improper separation of user / administration privilege; insufficient internal network monitoring; poor patch management, place every American at risk," said Eric Goldstein, Executive Assistant Director for Cybersecurity at CISA.