• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

CISA Unveils Cybersecurity Goals For Critical Infrastructure Sectors

You are here: Home / General Cyber Security News / CISA Unveils Cybersecurity Goals For Critical Infrastructure Sectors
October 28, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new report outlining baseline cybersecurity general performance ambitions (CPGs) for all critical infrastructure sectors.

The doc is the end result of a July 2021 security memorandum signed by President Biden. It has tasked CISA and the Nationwide Institute of Specifications and Technology (NIST) with developing basic cybersecurity procedures for critical infrastructure, mainly to aid compact- and medium-sized enterprises (SMEs) strengthen their cybersecurity endeavours.

“The CPGs are a prioritized subset of IT and operational technology (OT) cybersecurity tactics that critical infrastructure homeowners and operators can carry out to meaningfully minimize the probability and affect of identified dangers and adversary techniques,” CISA wrote.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


The goals have been established primarily based on current cybersecurity frameworks and direction. They also count on real-globe threats and adversary ways, techniques and procedures (TTPs) noticed by CISA and its partners. 

“By applying these targets, homeowners and operators will not only lessen threats to critical infrastructure operations but also to the American persons,” the report reads.

CISA also added that it plans to update these goals every 6 to 12 months.

“As technologies evolve, the pitfalls, TTPs and scope will by natural means adjust. This, coupled with the evolution of Industrial Revolution 4., will morph the suggestions and results as correct,” Edward Liebig, global director of cyber-ecosystem at Hexagon, informed Infosecurity.

At the exact time, the executive added that CISA’s plans to draft sector-precise plans with regulatory companies may possibly grow to be hard to maintain over time without having close involvement with field vertical operators. 

“There need to be a concerted energy to set up and stimulate participation in marketplace-specific Information Sharing and Analysis Centers (ISAC), these types of as the Electricity Details Sharing and Assessment Center (E-ISAC), as collaboration among sellers will go even more in fixing the problems inside of OT security,” Liebig concluded.

The CISA report comes months after Cyble researchers uncovered additional than 8000 exposed Virtual Network Computing (VNC) instances that could guide to distant compromise attacks from critical infrastructure companies.


Some areas of this short article are sourced from:
www.infosecurity-magazine.com

Previous Post: «Cyber Security News Cranefly Hackers Use Stealthy Techniques to Deliver and Control Malware
Next Post: Twilio Reveals Another Breach from the Same Hackers Behind the August Hack twilio reveals another breach from the same hackers behind the»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. – Dutch Operation
  • OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities
  • Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials
  • Deploying AI Agents? Learn to Secure Them Before Hackers Strike Your Business
  • Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
  • Beyond Vulnerability Management – Can You CVE What I CVE?
  • Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android
  • Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell
  • 38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases
  • SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root

Copyright © TheCyberSecurity.News, All Rights Reserved.