In a recently released Cybersecurity Advisory, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) highlighted the most common cybersecurity misconfigurations in large organizations identified through blue team and red team assessments. The advisory stated that these misconfigurations illustrate systemic weakness in many large organizations, including those with mature cyber postures.

The advisory called on both organizations and software developers to take actions that will prevent malicious actors from taking advantage of these vulnerabilities. Organizations are advised to take steps such as:

While the guidance is straightforward, compliance is not. The complexity of modern enterprises makes the recommendations extremely difficult to implement. Networks are constantly being updated, configurations are being changed, and new equipment and software are being added by teams of engineers. For most organizations, there is not a single source of truth covering network topology, configuration, and behavior. Without a single source of truth, determining what needs to happen to embrace the guidance from CISA and NSA is virtually impossible.

The Forward Networks digital twin creates a mathematical model of the network covering the configuration, connectivity, and behavior of every device, making it possible to search the network like a database and set policy checks that ensure compliance.  

Forward Networks can prevent 5 of the 10 common misconfigurations identified by CISA and NSA:

  1. Default configurations of software and applications
  2. Improper separation of user/administrator privilege
  3. Insufficient internal network monitoring
  4. Lack of network segmentation
  5. Poor patch management
  6. Bypass of system access controls
  7. Weak or misconfigured multifactor authentication (MFA) methods
  8. Insufficient access control lists (ACLs) on network shares and services
  9. Poor credential hygiene
  10. Unrestricted code execution

For more information on how the platform helps engineers prevent these misconfigurations, please read our solution guide.

Cybersecurity is front and center as part of our national defense strategy. Civilian networks responsible for life-sustaining services such as water and power must be protected with the same vigor as networks that host sensitive data.

To accomplish this, the Department of Homeland Security developed the Continuous Diagnostics and Mitigation (CDM) program in 2012. CDM supports government-wide and agency-specific efforts to provide risk-based, cost-effective cybersecurity solutions for protecting federal civilian networks by providing financial assistance to civilian government agencies as they focus on improving their security posture by:

Forward Networks is an approved vendor in all 8 functional capability categories. The data collected and analyzed by the Forward Networks platform is instrumental to ensuring that the network security posture matches expectations.

Knowledge-driven Security

Forward Enterprise helps agencies comply with CISA Binding Operational Directive (BOD) 23-1. Using Forward Enterprise, security professionals can identify vulnerabilities before they become a threat. Because Forward Networks can scan your network multiple times per day without performance degradation, it delivers timely, actionable alerts to security professionals. In conjunction with third-party application integrations, the level of detail in alerts empowers engineers to remediate any errant configurations or known critical vulnerabilities before they cause an incident. The three most popular security use cases are:

To learn more about Forward Networks’ work with federal agencies, visit https://www.forwardnetworks.com/federal/.

Security has been a top concern for years, and the reasons for this focus are increasingly clear. Government agencies are being asked by the President and governing agencies to make changes that will protect the integrity of their network and the safety of the nation.

Most recently, the Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive (BOD) 23-1. The BOD requires agencies to have a comprehensive accounting of what is in their networks. Given the size and complexity of agency networks, this is a challenging mandate to comply with. Most tools currently available cannot gather the required data in a timely manner, often taking several days to complete a scan that reaches all network endpoints. Even then, these scans lack critical data required for an appropriately strong security posture.

It’s often said that security is a journey, not a destination; that’s also true of compliance. There are many elements, but the most important is accessible, actionable data. Forward Enterprise has several features that help agencies successfully comply with directives and enforce their security posture.

Knowledge-driven Security

Forward Enterprise helps agencies comply. Using Forward Enterprise, security professionals can identify vulnerabilities before they become a threat. Because Forward Networks can scan your network multiple times per day without performance degradation, it delivers timely, actionable alerts to security professionals. In conjunction with third-party application integrations, the level of detail in alerts empowers engineers to remediate any errant configurations or known critical vulnerabilities before they cause an incident. The three most popular security use cases are:

  1. Attack surface management enables engineers to determine the blast radius of a compromised host in a single mouse click. This feature also works with the snapshot functionality to “go back in time” and document the blast radius on a specific date.
  2. Critical vulnerability management eliminates guesswork when responding to the thousands of CVEs issued each year. Forward Enterprise tracks the NIST known vulnerabilities and identifies which devices on the network are impacted using configuration, IOS, and features in use to present a prioritized remediation list. Integration with Rapid7 extends this capability to endpoints.
  3. Security posture management: for agencies using microsegmentation in their pursuit of a zero trust architecture, Forward Enterprise provides a vendor-agnostic, at-a-glance visualization of full, partial, or zero connectivity between zones.

To learn how Forward Networks can help your agency comply with BOD 23-1, read our solution guide or book a private meeting where our federal technical experts will focus specifically on how to address your concerns.

www.forwardnetworks.com/federal
