NSA and partners advise on edge device mitigation strategies

On February 4, the National Security Agency (NSA) announced that it has joined the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the Canadian Centre for Cyber Security (CCCS), and others to release three guides Cybersecurity Information Sheets (CSIs) that highlight critically important mitigation strategies for securing edge device systems, including firewalls, routers, and virtual private network (VPN) gateways.

Collectively, these reports – “Mitigation Strategies for Edge Devices: Executive Guidance,” “Mitigation Strategies for Edge Devices: Practitioners Guidance,” and “Security Considerations for Edge Devices” – provide a high level summary of existing guidance for securing edge devices, with comprehensive recommendations for tactical, operational, and strategic audiences to enhance network security and improve resilience against cyber threats.

“Edge devices act as boundaries between organizations’ internal enterprise networks and the Internet; if left unsecured, even unskilled malicious cyber actors have an easier time finding and exploiting vulnerabilities in their software or configurations,” said Eric Chudow, an NSA cybersecurity vulnerability analysis subject matter expert. “As organizations scale their enterprises, even though securing all devices is important, prioritizing edge device security is vital to defend the many endpoints, critical services, and sensitive data they protect.”

The guide, “Mitigation Strategies for Edge Devices: Executive Guidance” is intended for executives within large organizations and critical infrastructure sectors responsible for the deployment, security, and maintenance of enterprise networks. It outlines seven key mitigation strategies for managing and securing edge devices within traditional network architectures:

1. Know the edge
2. Procure secure-by-design devices
3. Apply hardening guidance, updates, and patches
4. Implement strong authentication
5. Disable unneeded features and ports
6. Secure management interfaces
7. Centralize monitoring for threat detection

The companion guide, “Mitigation Strategies for Edge Devices: Practitioners Guidance,” is written for operational, cybersecurity, and procurement staff and provides an overview of what edge devices are; risks and threats to them; relevant frameworks and controls by some of the authoring nations; and a more in depth discussion on the seven mitigation strategies. Additionally, the report includes a case study of a successful exploitation to show how malicious actors compromise edge devices when they are not secured properly and to highlight further how edge devices are critical to the security of a network.

Expanding on the other reports, the “Security Considerations for Edge Devices” guidance details threats to edge devices from common malicious techniques and ways organizations can reduce the risk of compromise with mitigation recommendations. The publication also outlines factors organizations should consider when evaluating the security of edge devices, along with recommendations for edge device manufacturers to improve the built-in and default security of devices they produce.

Source: NSA

IC News delivers the situational awareness you need to get ahead and stay ahead in the IC contracting space. Subscribe today for full access to 10,000+ articles, plus new articles each weekday.