Hard News Hard Hitting News Source Global Political News

NSA Stresses Vendor Diversification in Guidance on Network Segmentation

Robust firewalls within and around a network are especially important in environments incorporating industrial control systems, which have been targeted in Russian state-sponsored operations.

A technical cybersecurity report the National Security Agency compiled based on its experience evaluating the defense industrial base highlighted the danger associated with developing a software “monoculture” when designing network architecture. 

“Implement multiple layers of next-generation firewalls throughout the network to restrict inbound traffic, restrict outbound traffic, and examine all internal activity between disparate network regions,” reads guidance the NSA released Tuesday. “Each layer should utilize different vendors to protect against an adversary exploiting the same unpatched vulnerability in an attempt to access the internal network.”  

The detailed NSA guidance also covers the importance of administrators and encryption standards, among other aspects, for executing a zero trust approach. Zero trust is a security concept that requires continual review and granting of access, because it starts from allowing users the minimum possible privileges to move around an enterprise.

The Cybersecurity and Infrastructure Security Agency’s national cyber awareness system promoted the NSA’s guidance Thursday along with CISA’s recently released infographic on network segmentation.

In January, CISA re-released its guidance for mitigating Russian state-sponsored cyber threats to U.S. critical infrastructure, which noted a proclivity for attacking the operational technology in industrial control systems like those that run in pipeline and water treatment facilities. 

“NSA recommends isolating similar systems into different subnets or virtual local area networks (VLANs), or physically separating the different subnets via firewalls or filtering routers,” the recent guidance reads. “Workstations, servers, printers, telecommunication systems, and other network peripherals should be separate from each other. Operational technology, such as industrial control systems, typically need to be isolated from other information technology and high-risk networks like the Internet. This physical separation provides stronger protection because the intermediate device between subnets must be compromised for an adversary to bypass access restrictions.”
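The two recommendations quoted above (a different vendor at each firewall layer, and separate subnets per device class with operational technology isolated) can be checked against a network inventory. The following is an added example, not code from the NSA guidance or the original article; the subnets, firewall names, vendor labels and rule format are constructed for illustration.

```python
import ipaddress

# Constructed sample inventory (hypothetical addresses, names and vendors).
SUBNETS = {  # subnet -> device classes found in it
    "10.10.1.0/24": ["workstation"],
    "10.10.2.0/24": ["server", "printer"],  # two classes share one subnet
    "10.20.0.0/24": ["ics"],
}
PATHS = {  # firewall layers crossed from the Internet inward: (name, vendor)
    "10.10.1.0/24": [("edge-fw", "VendorA"), ("core-fw", "VendorB")],
    "10.10.2.0/24": [("edge-fw", "VendorA"), ("dc-fw", "VendorA")],
    "10.20.0.0/24": [("edge-fw", "VendorA"), ("core-fw", "VendorB"),
                     ("ot-fw", "VendorC")],
}
ALLOW = [  # permitted flows: (source, destination)
    ("10.10.1.0/24", "10.10.2.0/24"),
    ("10.20.0.0/25", "10.20.0.128/25"),  # stays inside the OT subnet
    ("10.20.0.0/24", "10.10.2.0/24"),    # OT to IT servers
    ("10.20.0.0/25", "0.0.0.0/0"),       # OT to the Internet
]

def audit(subnets, paths, allow):
    """Return (finding, subject) tuples for an administrator to review."""
    net = ipaddress.ip_network
    ot = [net(c) for c, classes in subnets.items() if "ics" in classes]
    touches = lambda n: any(n.overlaps(o) for o in ot)   # reaches OT at all
    inside = lambda n: any(n.subnet_of(o) for o in ot)   # wholly within OT
    findings = []
    # Device classes should not share a subnet.
    for cidr, classes in subnets.items():
        if len(set(classes)) > 1:
            findings.append(("mixed-classes", cidr))
    # Each firewall layer on a path should come from a different vendor.
    for cidr, layers in paths.items():
        vendors = [vendor for _, vendor in layers]
        if len(set(vendors)) < len(vendors):
            findings.append(("vendor-reuse", cidr))
    # A flow with one end in OT and the other outside OT crosses the isolation.
    for src, dst in allow:
        s, d = net(src), net(dst)
        if (touches(s) and not inside(d)) or (touches(d) and not inside(s)):
            findings.append(("ot-exposure", f"{src}->{dst}"))
    return findings

if __name__ == "__main__":
    for finding in audit(SUBNETS, PATHS, ALLOW):
        print(*finding)
```
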

Source: https://www.nextgov.com/cybersecurity/2022/03/nsa-stresses-vendor-diversification-guidance-network-segmentation/362792/
