CISA urges users to review, use new NSA guidelines
On January 24, the Cybersecurity and Infrastructure Security Agency (CISA) posted a notice about the National Security Agency’s (NSA) recent cloud vulnerability guidelines.
The NSA has released an information sheet with guidance on mitigating cloud vulnerabilities. NSA identifies cloud security components and discusses threat actors, cloud vulnerabilities, and potential mitigation measures.
CISA encourages administrators and users to review NSA’s guidance on Mitigating Cloud Vulnerabilities and CISA’s page on APTs Targeting IT Service Provider Customers and Analysis Report on Microsoft Office 365 and other Cloud Security Observations for information on implementing a defense-in-depth strategy to protect infrastructure assets.