Mediaboss Marketing

Digital identity compromises are a growing concern and have been tied to massive hacks such as the Colonial Pipeline ransomware incident and the Reddit breach last month.

Coupled with an uptick in reliance on digital transformation and the ubiquity of cloud platforms, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) believe it is time to push framework guidance on identity access management (IAM).

On Tuesday, the two agencies released recommended best practices for infosec professionals who manage digital identities. The 31-page report outlines business processes, policies, and technologies to help shore up government and private-sector security postures. The practice guide, part of the NSA's Enduring Security Framework initiative, was developed through a public-private partnership to help thwart threats facing critical infrastructure and national security systems.

Americas critical infrastructure is a prime target for a broad spectrum of threat sources including advanced and ongoing attacks from nation states and terrorist organizations attacks, according to the paper. IAM weaknesses are frequently exploited in the most insidious threats, APTs, which have led to catastrophic data breaches.

Citing the 2022 Verizon Data Breach Investigation Report, the paper notes that 80% of web applications attacks and 40% of breaches leverage stolen credentials, a tactic used by a wide range of threat actors, including nation-state hacking groups, terrorist organizations, hacktivists, and individual operators. In addition, identity management company Okta reported record-high credential-stuffing attacks in its 2022 State of Security Identity Report, detecting almost 10 billion credential-stuffing events across its Auth0 access management platforms in the first 90 days of 2022.

To counter the growing risks, the IAM framework provides practice guidance and mitigations to address threats related to the following five areas: identity governance, environmental hardening, identity federation/single sign-on, multi-factor authentication and auditing and monitoring around identity access and management tools.

Grant Dasher from the office of the technical director for cybersecurity at CISA, said the release of the practice guide is "a valuable first step to aid critical infrastructure organizations' effort to assess and strengthen their IAM solutions and processes," and plan for further collaborations to improve the IAM ecosystem.

Besides the Colonial Pipeline incident, there have been several recent and notable attacks that highlight the importance of addressing the digital identity threats against critical infrastructure.

In February 2021, an attacker compromised a computer system in a Florida water treatment plant and tried to increase the levels of certain chemicals in the water supply which would have posed serious public health and safety concerns. In 2022, a ransomware gang leveraged stolen credentials and targeted another water treatment plant in South Staffordshire, UK, affecting 1.6 million customers and 35,000 businesses.

While SSO and MFA are widely adopted to strengthen and simplify the authentication process, Murali Palanisamy, chief solution officer at AppViewX, said that critical infrastructure should take extra precautions when monitoring implementations as a compromised SSO system in one area can make it easier for an attacker to gain access in other parts of the network.

"This is especially true for critical infrastructure where you would need access using Secure Shell to troubleshoot an access failure. Leveraging Privilege Accessed Management and SSH access using SSH certificates instead of passwords or keys enables the out-of-band authentication for admins and security teams," Palanisamy said.

Read the rest here:
CISA, NSA push identity and access management framework as risks grow - SC Media

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) released new guidance on March 21 that offers system administrators best practices for identity and access management (IAM).

CISA and NSA released the IAM guidance as part of the Enduring Security Framework (ESF), a public-private partnership that aims to address risks that threaten critical infrastructure and national security systems.

IAM is a framework of business processes, policies, and technologies that facilitate the management of digital identities ensuring that only users with the appropriate credentials gain access to data.

IAM is a critical part of every organizations security posture, and we must work collectively with the public and private sector to advance more secure by default and secure by design IAM solutions, said Grant Dasher, Office of the Technical Director for Cybersecurity, CISA.

The ESFs best practices guide is a valuable first step to aid critical infrastructure organizations efforts to assess and strengthen their IAM solutions and processes, he added. We look forward to further collaborations with our partners to improve the IAM ecosystem and aid organizations in achieving a more resilient posture.

The guidances best practices provide system administrators with actionable recommendations to better secure their systems from IAM threats. Specifically, it offers best practices and mitigations to counter threats related to identity governance, environmental hardening, identity federation/single sign-on, multi-factor authentication (MFA), and IAM auditing and monitoring.

It also offers a checklist for actions organizations can take immediately, such as routinely testing and patching your organizations MFA infrastructure; identifying all the local identities on the assets to know who has access to which assets; and determining if your single sign-on integration can collect user context during single sign-on logins including location, device, and behavior.

Malicious cyber actors attempt to hide their activity by exploiting legitimate credentials, either of authorized personnel or of the systems that act on behalf of legitimate users, said Alan Laing, NSA lead for the IAM working group. Rigorous identity and access management allows an organization the ability to detect and thwart these actors persistent efforts to corrupt critical systems and access information of national importance.

Go here to read the rest:
CISA, NSA Issue Guidance on Identity and Access Management - MeriTalk

FORT MEADE, Md. - As part of the Enduring Security Framework (ESF), the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published the Recommended Best Practices Guide for Administratorsto provide system administrators with actionable recommendations to better secure their systems from threats to Identity and Access Management (IAM).

IAM is a framework of business processes, policies, and technologies that facilitate the management of digital identities. It ensures that users only gain access to data when they have the appropriate credentials.

In 2021, Colonial Pipeline, a major Southeast oil pipeline system, suffered a major ransomware attack, disrupting the oil/gas distribution system and causing long lines at the gas station and consumer panic. Many people know about the attack and the exploitation of the company for money, but many dont realize that the attack happened because of a leaked password, an inactive VPN account, and a lack of multifactor authentication all of which can be summed up as poor IAM.

Malicious cyber actors attempt to hide their activity by exploiting legitimate credentials, either of authorized personnel or of the systems that act on behalf of legitimate users, said Alan Laing, NSA lead for the IAM working group. Rigorous Identity and Access Management allows an organization the ability to detect and thwart these actors persistent efforts to corrupt critical systems and access information of national importance.The paper provides best practices and mitigations to counter threats to IAM related to the following five topics:

Environmental Hardening

Identity Federation/Single Sign-On

Multi-Factor Authentication

IAM auditing and monitoring

"IAM is a critical part of every organization's security posture, and we must work collectively with the public and private sector to advance more secure by default and secure by design IAM solutions," said Grant Dasher, Office of the Technical Director for Cybersecurity, CISA. "The ESF's best practices guide is a valuable first step to aid critical infrastructure organizations' efforts to assess and strengthen their IAM solutions and processes. We look forward to further collaborations with our partners to improve the IAM ecosystem and aid organizations in achieving a more resilient posture."This release is accompanied by an Identity and Access Management Educational Aid presentation and associated talking pointsto support organizational technical leaders in explaining to decision makers the benefits of a robust IAM program and the associated risks of not implementing one.This guidance was developed and published by an NSA and CISA led working panel with ESF, a public-private cross-sector partnership that aims to address risks that threaten critical infrastructure and national security systems.

Read the full report here.Visit our full library for more cybersecurity information and technical guidance.

NSA Media RelationsMediaRelations@nsa.gov443-634-0721

See the article here:
ESF Partners, NSA, and CISA Release Identity and Access ... - National Security Agency

FORT MEADE, Md. - The National Security Agency (NSA) made further progress in 2022 in its efforts to build and sustain a diverse workforce critical to fulfilling the Agency's foreign signals intelligence and cybersecurity missions. A record 15.6% of new hires in 2022 self-identified as a person with a disability."We are proud of our strong hiring program, but that is only the first step in an employee's journey," said Teisha Anthony, Chief of Talent Management. "We need to be equally committed to inclusion and accessibility to fully support the people we bring on board."The People with Disabilities Employee Resource Group (PWD ERG) recently collaborated with the Cybersecurity Directorate (CSD) to host a panel discussion about ways to boost accessibility to help retain the best and brightest to support NSA's mission.A representative from the Office of Physical Security said that medical devices have grown increasingly smarter in recent years, which has posed a security challenge that the team is working hard to address: "We're actively engaged with medical device users, the PWD ERG, Research Directorate, and technical subject matter experts from across the Agency to identify and implement new mitigations while providing the greatest possible accommodation for affiliates who rely on these devices for their health and well-being."In a separate effort, CSD launched a new corporate initiative that offers many printed materials in braille to benefit Agency employees with disabilities. Other NSA organizations have undertaken similar campaigns, heeding the call to ensure reasonable accommodations for every employee."Providing support to the PWD population is absolutely critical to the success of NSA's mission," said the chair of the PWD ERG. "There's been a lot of improvement in this space, but there's still room to grow.""We won't be able to maintain an up-to-date understanding of our adversary without continuing to hire the best and brightest disabled employees."Learn more about NSA's policies on reasonable accommodations.Apply now: intelligencecareers.gov/nsa

NSA Media RelationsMediaRelations@nsa.gov443-634-0721

Go here to see the original:
NSA Hires Record Number of People with Disabilities, Undertakes ... - National Security Agency

Armed Forces Entertainment (AFE) set the alley-oop with NSA Naples Morale, Welfare, and Recreation (MWR) for a slam dunk event as The Harlem Globetrotters took to the court at Naples Middle High School (NMHS).

MWR capitalized on assists to make this event a success.

MWR was supported by NSA Naples Red Cross, USO, the Fire Department, Security and community volunteers, said Chris Kasparek, NSA Naples MWR Community Recreation Director.

The team, who has performed at NSA Naples in previous years, made its first appearance since the pandemic.

I think this event specifically signifies that we have significantly made the turn out of COVID here at NSA Naples, said Kasparek. It is a step forward for our entire community.

Globetrotters Guard, Darnell Speedy expressed how excited he was to be back on a military tour.

I came to Naples in November 2019 [] It actually was the last military tour before the pandemic, said Speedy. Now I am on the first military tour since COVID, and it is a once-in-a-lifetime opportunity. I get another opportunity to share these moments with these people.

The night of slam-dunks, fast breaks and laughter was one of the most popular events of the season. Tickets for the event sold out within days. The anticipation of the event was evident as fans packed the NMHS gym.

We had the coolest experience last night with the Harlem Globetrotters, said community member Dana Elmini. They are true entertainers and made everyone feel special and leave with a story! Thank you AFE and NSA Naples MWR for making this happen!

The Globetrotters visited NSA Naples as part of a military tour with AFE that began March 14 at Naval Air Station (NAS) Sigonella.

This tour is made up of 11 shows, across 10 bases in three countries, said AFE Regional Manager Michele Krieg.

This is the 19th year of the Harlem Globetrotters military tour with AFE, Krieg added.

Kasparek says these events are special to the military community.

It is important for the families here to know they are being reached by those stateside and by those that appreciate what they do for our country, said Kasparek.

With shows such as this, AFE makes it their mission to provide the best performances for U.S. troops and family members stationed overseas and serve as the biggest morale booster for U.S. Troops.

The nearly two-decade old partnership between AFE and the team is only a small part of the Globetrotters history in entertainment.

The Globetrotters began as a team of reunited high school players in Chicago, Illinois in 1926.

Since 1926, they have entertained more that 148 million fans in 123 countries and territories around the world.

NSA Naples is an operational ashore base that enables U.S., allied, and partner nation forces to be where they are needed, when they are needed to ensure security and stability in the European, African, and Central Command areas of responsibility.

For more news on NSA Naples, please follow us on Instagram @NSANaples and Facebook at facebook.com/NSANaples/.

Read more:
The Harlem Globetrotters Euro Step Over to NSA Naples - navy.mil