CISA Releases List of Cybersecurity Bad Practices

Cybersecurity concept for cyber bad practices

Written by: Jay H.

The US Cybersecurity & Infrastructure Security Agency (CISA) has released a list of cybersecurity bad practices. These practices are hazardous and put organizations at significant risk of cyber threats. Moreover, they are exceptionally dangerous for organizations that support Critical Infrastructure or National Critical Functions and technologies accessible from the Internet. The current list of bad practices is as follows:

1. Use of unsupported software

The first Bad Practice on the list is using unsupported (or end-of-life) software. Software that developers do not regularly maintain and update is especially vulnerable to security flaws and cyber attacks. Moreover, when hackers find and abuse a vulnerability, security updates to fix this issue likely do not get released. Ensure your organization uses software that regularly receives updates, or hackers could exploit vulnerabilities in your system and cause extensive damage!

2. Use of default passwords

An alarming amount of organizations and individuals alike use the default usernames and passwords provided by the manufacturer. This is a serious security risk your credentials are a quick Google search away! Instead, organizations need to use strong, complex passwords for every device and account they manage.

3. Use of single-factor authentication

Finally, the last Bad Practice on the catalog is using single-factor authentication for remote or administrative access to systems. Simply put, this means only requiring a username and a password to sign in to an account. Instead, organizations should enforce multi-factor authentication, which means users have to provide additional verification besides their credentials, such as a biometrics scan or a code sent to their phone.

Eliminate Bad Practices In Your Organization

Of course, this list is by no means comprehensive of all the poor cybersecurity practices. Regardless, you should eliminate these and other harmful practices in your organization to strengthen your cybersecurity. Without policies and procedures fortifying your cybersecurity, your business is at extreme risk of attack, so take action now!

If you need help developing and implementing a cybersecurity plan for your business, reach out to us today. Our security experts can tailor a cybersecurity strategy that suits your business and protect it from viruses, malware, ransomware, and hackers. Contact us now to learn more!

Protected by Copyscape


Comments are closed.