The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have jointly published a new guide to help system administrators secure their identity and access management (IAM) infrastructure.
This document is part of the Enduring Security Framework (ESF). It includes recommended best practices for combating IAM threats related to identity governance, environment hardening, identity federation/single sign-on, multi-factor authentication (MFA), and IAM auditing and monitoring.
In this guide, CISA and NSA refer to recent attacks that exploit vulnerabilities in IAM products and implementations to target critical infrastructure.
“In 2021, a colonial-era national gas pipeline in the United States was attacked and shut down using compromised credentials,” the document reads. “[Months earlier], an unknown attacker manipulated the computer system of a water treatment plant in Florida to increase the concentration of sodium hydroxide in the water supply.”
The report also mentions an attack targeting a water treatment plant in South Staffordshire, UK in 2022.
“Critical infrastructure organizations have a special responsibility to implement, maintain, and monitor secure IAM solutions and processes to protect not only their own business functions and information, but also the organizations and individuals they interact with,” the guide reads.
To help these companies achieve higher levels of security, the guide provides a framework that allows them to assess their current IAM capabilities and risk posture. It highlights techniques for improving areas such as secure solution selection, layering, integration, and proper configuration.
System administrators must also manage risk while maintaining an appropriate level of security to continue operations and raise awareness of correct IAM usage and risks.
The CISA advisory comes two months after a SecurityScorecard report suggested that nearly half of critical manufacturing organizations are now vulnerable to a breach.