3

CISA releases cyber defense plan for remote monitoring and management software

 1 year ago
source link: https://siliconangle.com/2023/08/17/cisa-releases-remote-monitoring-management-cyber-defense-plan/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

CISA releases cyber defense plan for remote monitoring and management software

828cf87e-113c-4077-b574-7d7a2d36a9b6.jpeg
cisa.jpg
SECURITY

The U.S. Cybersecurity and Infrastructure Agency has released a plan to address systemic cybersecurity risks in remote monitoring and management software.

The Remote Monitoring and Management Cyber Defense Plan was created to address the issue wherein cyberthreat actors gain footholds via RMM software into managed service providers and manage security service providers’ servers. In gaining access, the attackers can cause cascading impacts for small to medium-sized enterprises that are customers of these providers.

The plan provides cyber defense leaders in government and industry with a collective plan for mitigating threats to the RMM ecosystem. It addresses issues facing the top-down exploitation of RMM software.

There are two pillars to the plan. Pillar 1, Operational Collaboration, is said to encourage collective action across the RMM community to enhance information sharing, increase visibility and fuel creative cybersecurity solutions. So-called “lines of effort” include cyber threat and vulnerability information and enduring RMM operational community.

Pillar 2, Cyber Defense Guidance is all about educating RMM end-users on the dangers and risks to the infrastructure they rely on and how they can help promote security best practices. Lines of effort for the second pillar include end-user education and amplification.

“The benefits RMM provides to system administrators — remote access and configuration and control of an endpoint — are the same reasons a threat actor finds RMM software to be an attractive target,” Melissa Bischoping, director of Endpoint Security Research at endpoint management company Tanium Inc., told SiliconANGLE. “These types of applications are popular ‘living off the land’ resources for attackers because they are unlikely to trip common extended detection and response or antivirus detections and often operate with a high level of permissions on the devices they control.”

Bischoping was positive about the plan, saying that the “efforts to improve both education and awareness and vulnerability management of RMM software will reduce the risk of a threat actor successfully leveraging this tooling.”

Teresa Rothaar, governance, risk and compliance analyst at passwords and secrets management company Keeper Security Inc., was likewise positive, saying that the new initiative is critically important, since threats aren’t confined to silos and the responses to these threats cannot be siloed.

“This collaboration, if successful, will be highly educative for MSPs. They’ll learn how to run their own operations securely and, in turn, help their customers operate securely as well,”  Rothaar said. “The downstream effect of this effort to mitigate threats to the ecosystem will be more secure customers as a result of better-secured MSPs.”

Image: CISA

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One-click below supports our mission to provide free, deep and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK