Top 10 Cybersecurity Misconfigurations – Ep 431 

 November 3, 2023

By  Donna Grindle

In our rapidly evolving digital environment, cybersecurity misconfigurations pose significant threats to organizations of all sizes. Misconfigurations can expose systemic weaknesses and make organizations vulnerable to cyber attacks. In this episode, we will review a report from the NSA and CISA highlighting some of the most common misconfigurations that need to be addressed.

A 5 star review is all we ask from our listeners.

In this episode:

Top 10 Cybersecurity Misconfigurations – Ep 431

Today’s Episode is brought to you by:

Kardon

and

HIPAA for MSPs with Security First IT

 Subscribe on Apple Podcast. Share us on Social Media. Rate us wherever you find the opportunity. 

Great idea! Share Help Me With HIPAA with one person this week!

Learn about offerings from the Kardon Club

and HIPAA for MSPs!

Thanks to our donors. We appreciate your support!

If you would like to donate to the cause you can do that at HelpMeWithHIPAA.com

Like us and leave a review on our Facebook page: www.Facebook.com/HelpMeWithHIPAA

If you see a couple of numbers on the left side you can click that and go directly to that part of the audio. Get the best of both worlds from the show notes to the audio and back!

HIPAA Briefs

[03:44] Why doesn’t the security rule tell me exactly what to do?

HIPAA guidelines tell you what needs to be accomplished while allowing organizations to be flexible in how they achieve the requirements. Not all healthcare organizations are created equal. A doctor’s office and a major medical center are very different entities. Both should evaluate the HIPAA rules and decide what is reasonable and appropriate for them to meet the guidelines based on their size and complexity.

And of course to determine what security safeguards you should put in place to protect your organization and data, you need to do a risk analysis and create a risk management plan. That will help you determine what needs to be protected and how you can implement the appropriate security measures and comply with the HIPAA rules.

Top 10 Cybersecurity Misconfigurations

[08:06] NSA and CISA released an advisory in early October 2023 highlighting the most common cybersecurity misconfigurations found in large organizations during their red team and blue team exercises. Misconfigurations are a big problem. It could be anything from somebody who didn’t configure something properly, to something that was turned off and never turned back on (or vice versa), or even shadow IT issues.

NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations

A plea for network defenders and software manufacturers to fix common problems.

NSA and CISA developed red teams (attackers) and blue teams (defenders). These teams are put on either side of a large network. The red team finds vulnerabilities everywhere it can and attacks. The blue team tries to stop the red team. Needless to say, they are finding very common security issues on the larger networks. So, if these common issues are found on the large networks, odds are small and medium-sized networks have the same issues.

[12:42] The following are the 10 most common network misconfigurations, as identified in the NSA and CISA Red and Blue team assessments, as well as through the activities of NSA and CISA Hunt and Incident Response teams:

  1. Default configurations of software and applications – Review your critical applications and evaluate their security settings. These are the applications you are putting all of your important data in.
  2. [20:30] Improper separation of user/administrator privilege – A user’s account should be set up with only the privileges necessary to do their job, just like HIPAA’s minimum necessary uses and disclosures.
  3. Insufficient internal network monitoring – Most applications create logs that can be monitored or have monitoring services included, but there has to be someone who is monitoring the monitoring.
  4. Lack of network segmentation – All networks should have segmentation to reduce the risk of cross contamination. Set boundaries for different types of traffic.
  5. [31:04] Poor patch management – Software patches are released constantly. You can’t assume that patching is working perfectly and automatically. You have to check it.
  6. Bypass of system access controls – This one is complicated, but evaluating what systems are communicating with other systems and whether they should be doing so is important.
  7. Weak or misconfigured multifactor authentication (MFA) methods – Evaluate the methods you are using for MFA and opt for more secure methods.
  8. Insufficient access control lists (ACLs) on network shares and services – Lock down your shared services to allow only those who need access to them.
  9. [39:36] Poor credential hygiene – Long, strong passwords are a must, but passwords are still a problem.
  10. Unrestricted code execution – This can be complicated, but programs that run on the network should be evaluated for malicious payloads that can wreak havoc on your network.

These misconfigurations illustrate (1) a trend of systemic weaknesses in many large organizations, including those with mature cyber postures, and (2) the importance of software manufacturers embracing secure-by-design principles to reduce the burden on network defenders:

  • Properly trained, staffed, and funded network security teams can implement the known mitigations for these weaknesses.
  • Software manufacturers must reduce the prevalence of these misconfigurations—thus strengthening the security posture for customers—by incorporating secure-by-design and -default principles and tactics into their software development practices.[1]

Malicious attackers use these common misconfigurations to gain access to and compromise networks. Implement mitigations to the issues described above to protect your network and its confidential and sensitive information.

It’s like they say: Learn from the mistakes of others. You can’t live long enough to make them all yourself.

Implementing a security framework is important for safeguarding a business network in today’s digital landscape. Security threats are constantly evolving, and businesses are prime targets for cyberattacks that can lead to data breaches, financial losses, and damage to their reputation. A security framework can provide a comprehensive and adaptable set of guidelines and best practices that help organizations identify, protect, detect, respond to, and recover from cybersecurity risks and incidents. By adhering to NIST standards, businesses can establish a robust security posture, reduce vulnerabilities, and ensure compliance with regulatory requirements.

Remember to follow us and share us on your favorite social media site. Rate us on your podcasting apps; we need your help to keep spreading the word. As always, send in your questions and ideas!

HIPAA is not about compliance,

it’s about patient care.™

Special thanks to our sponsors Security First IT and Kardon.