Original release date: June 29, 2021
In a blog post by Executive Assistant Director (EAD) Eric Goldstein, CISA announced the creation of a catalog to document bad cybersecurity practices that are exceptionally risky for any organization and especially dangerous for those supporting designated Critical Infrastructure or National Critical Functions.
While extensive guidance on cybersecurity “best practices” exists, additional perspective is needed. Ending the most egregious risks requires organizations to make a concerted effort to stop bad practices.
CISA encourages cybersecurity leaders and professionals to review EAD Goldstein’s blog post and the new Bad Practices webpage and to monitor the webpage for updates. CISA also encourages all organizations to engage in the necessary actions and critical conversations to address bad practices.
This product is provided subject to this Notification and this Privacy & Use policy.
CISA, through the Joint Cyber Defense Collaborative (JCDC), enabled swift, coordinated response and information sharing…
CISA released three Industrial Control Systems (ICS) advisories on October 29, 2024. These advisories provide…
CISA has received multiple reports of a large-scale spear-phishing campaign targeting organizations in several sectors,…
CISA released four Industrial Control Systems (ICS) advisories on October 31, 2024. These advisories provide…
Fortinet has updated their security advisory addressing a critical FortiManager vulnerability (CVE-2024-47575) to include additional…
Apple released security updates to address vulnerabilities in multiple Apple products. A cyber threat actor…
This website uses cookies.