Today, CISA released CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth in coordination with the assessed organization. This Cybersecurity Advisory (CSA) details key findings and lessons learned from a 2023 assessment, along with the red team’s tactics, techniques, and procedures (TTPs) and associated network defense activity.

The CSA also provides recommendations to assist executives, leaders, and network defenders in all organizations with refining their cybersecurity, detection, response, and hunt capabilities.

CISA encourages all organizations review the advisory and apply the recommendations and mitigations within, including applying defense-in-depth principles, using robust network segmentation, and establishing baselines of network traffic, application execution, and account authentication.

For more information on the most common and impactful threats, tactics, techniques, and procedures, see CISA’s Cross-Sector Cybersecurity Performance Goals. To learn more about secure by design principles and practices, visit CISA’s Secure by Design webpage.Â

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

CISA and Partners Release Guidance for Modern Approaches to Network Access Security

June 18, 2024 0 Comments 0 tags

Today, CISA, in partnership with the Federal Bureau of Investigation (FBI), released guidance, Modern Approaches to Network Access Security, along with the following organizations:  New Zealand’s Government Communications Security Bureau

Read More

#RSAC: Three Battle-Tested Tips for Surviving a Cyber-Attack

May 7, 2024 0 Comments 0 tags

CISOs share their experience of managing real-life cyber incidents provide their recommendations to survive cyber-attacks

Read More

Pharma Giant Cencora Reports Cybersecurity Breach

February 29, 2024 0 Comments 0 tags

The breach was discovered on February 21 2024, according to an SEC filing published on the same day

Read More