The NSA and CISA released five Cybersecurity Information Sheets in an alert to enhance cloud security, providing crucial recommendations, best practices, and mitigations for securing cloud environments.
Matt Muir, Threat Research Lead at Cado Security had this comment:
“It’s reassuring to see these agencies highlight the differences between cloud and on-premise security practices, along with providing tailored advice for securing the cloud in particular. Hopefully, the advice will give organizations the nudge they need to recognise the wider threats and implications of cloud adoption. By taking heed of this advice and implementing appropriate controls, organizations can mitigate the pervasive threat of cloud attacks.”
The only comment that I have is whether organizations will take heed of this advice. It’s good advice. But many organizations still have the view that the cloud is safer than on-premise. That needs to change.
UPDATE: Dave Ratner, CEO, HYAS adds this:
“As an increasing number of organizations are utilizing MSSP and MSP providers for cyber security and related functions, it’s imperative to have guidance both for the organizations utilizing them as well as the MSSP and MSP providers themselves. Since criminals and bad actors will often go after the weakest link in the chain, everyone needs to consider cyber resiliency as paramount and understand both how the MSSP/MSP providers will enable it for each client organization, as well as how the MSSP/MSP’s will enable it for themselves. Anyone without a solid cyber resiliency strategy in 2024 is putting themselves at risk.”
Like this:
Like Loading...
Related
This entry was posted on March 8, 2024 at 10:53 am and is filed under Commentary with tags CISA, NSA. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
CISA/NSA Releases Info Sheets To Help To Enhance Cloud Security
The NSA and CISA released five Cybersecurity Information Sheets in an alert to enhance cloud security, providing crucial recommendations, best practices, and mitigations for securing cloud environments.
Matt Muir, Threat Research Lead at Cado Security had this comment:
“It’s reassuring to see these agencies highlight the differences between cloud and on-premise security practices, along with providing tailored advice for securing the cloud in particular. Hopefully, the advice will give organizations the nudge they need to recognise the wider threats and implications of cloud adoption. By taking heed of this advice and implementing appropriate controls, organizations can mitigate the pervasive threat of cloud attacks.”
The only comment that I have is whether organizations will take heed of this advice. It’s good advice. But many organizations still have the view that the cloud is safer than on-premise. That needs to change.
UPDATE: Dave Ratner, CEO, HYAS adds this:
“As an increasing number of organizations are utilizing MSSP and MSP providers for cyber security and related functions, it’s imperative to have guidance both for the organizations utilizing them as well as the MSSP and MSP providers themselves. Since criminals and bad actors will often go after the weakest link in the chain, everyone needs to consider cyber resiliency as paramount and understand both how the MSSP/MSP providers will enable it for each client organization, as well as how the MSSP/MSP’s will enable it for themselves. Anyone without a solid cyber resiliency strategy in 2024 is putting themselves at risk.”
Share this:
Like this:
Related
This entry was posted on March 8, 2024 at 10:53 am and is filed under Commentary with tags CISA, NSA. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.