Original release date: October 7, 2020
The Cybersecurity and Information Security Agency (CISA) has released an infographic mapping analysis of 44 of its Risk and Vulnerability Assessments (RVAs) conducted in Fiscal Year 2019 to the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework. The infographic identifies routinely successful attack paths CISA observed during RVAs conducted across multiple sectors. Cyber attackers can use these attack paths to compromise organizations.
CISA encourages network administrators and IT professionals to review the infographic and apply the recommended defensive strategies to protect against the observed tactics and techniques. Review CISA’s Cyber Essentials for more information on where to start implementing organizational cybersecurity practices. For information on CISA RVAs and requesting additional services, visit CISA’s National Cybersecurity Assessment and Technical Services page.
This product is provided subject to this Notification and this Privacy & Use policy.
CISA released six Industrial Control Systems (ICS) advisories on July 24, 2025. These advisories provide…
CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA, in partnership with the Federal Bureau of Investigation (FBI), the Department of Health and…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of…
CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
This website uses cookies.