The NSA released a list of ten recommended security strategies for cloud customers. The advisory, published on March 7, 2024, includes ten strategies for cloud security, identity and access management, data security practices, and network segmentation.
CISA supported the NSA with six out of ten strategies for cybersecurity and infrastructure security in the US.
By infosecbulletin
/ Sunday , December 22 2024
A major security flaw in Craft CMS, a popular PHP content management system, has been found, enabling unauthenticated remote code...
Read More
By infosecbulletin
/ Sunday , December 22 2024
Mastercard has completed its acquisition of Recorded Future, an AI-based threat intelligence provider. Mastercard has acquired the company for $2.65...
Read More
By infosecbulletin
/ Saturday , December 21 2024
CISA has released eight advisories on vulnerabilities in Industrial Control Systems (ICS). These vulnerabilities affect essential software and hardware in...
Read More
By infosecbulletin
/ Friday , December 20 2024
Bank Rakyat Indonesia (BRI), the largest state bank by assets, has assured customers that their data and funds are secure...
Read More
By infosecbulletin
/ Friday , December 20 2024
Cybersecurity researcher Jeremiah Fowler reported to Website Planet that he found a non-password-protected 1.2 TB dataset containing over 3 million...
Read More
By infosecbulletin
/ Friday , December 20 2024
Sophos has fixed three separate security vulnerabilities in Sophos Firewall. The vulnerabilities CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729 present major risks, such...
Read More
By infosecbulletin
/ Thursday , December 19 2024
A time-demanding workshop on "Cybersecurity Awareness and Needs Analysis" was held on Thursday (December 19) at Bangladesh Bank Training Academy...
Read More
By infosecbulletin
/ Thursday , December 19 2024
Kaspersky's Global Emergency Response Team (GERT) found that attackers are exploiting a patched SQL injection vulnerability (CVE-2023-48788) in Fortinet FortiClient...
Read More
By infosecbulletin
/ Wednesday , December 18 2024
The US government is considering banning a well-known brand of Chinese-made home internet routers TP-Link due to concerns that they...
Read More
By infosecbulletin
/ Wednesday , December 18 2024
Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...
Read More
The top 10 cloud security mitigation strategies are:
* Uphold the Cloud Shared Responsibility Model
* Use Secure Cloud Identity and Access Management Practices
* Use Secure Cloud Key Management Practices
* Implement Network Segmentation and Encryption in Cloud Environments
* Secure Data in the Cloud
* Defending Continuous Integration/Continuous Delivery (CI/CD) Environments
* Enforce Secure Automated Deployment Practices through Infrastructure as Code
* Account for Complexities Introduced by Hybrid Cloud and Multi-Cloud Environments
* Mitigate Risks from Managed Service Providers in Cloud Environments
* Manage Cloud Logs for Effective Threat Hunting
* Each strategy comes with an additional cybersecurity information sheet detailing how to implement it.
The sheets offer recommended steps and best practices from the NSA and CISA for cloud security, along with links for further details and resources.