Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Joint Guide to Securing Remote Access Software from CISA and Partners

June 8, 2023

I confess that most lawyers will want to make sure this post is forwarded to their cybersecurity experts. It isn’t easy reading, but it is important reading.

On June 6, CISA, the FBI, the NSA, the Multi-State Information Sharing and Analysis Center (MS-ISAC) and the Israel National Cyber Directorate (INCD) released the Guide to Securing Remote Access Software.

As the announcement states, “this new joint guide is the culmination of a collaborative effort to provide an overview of legitimate uses of remote access software, as well as common exploitations and associated tactics, techniques, and procedures (TTPs), and how to detect and defend against malicious actors abusing this software.

Remote access software provides organizations with a broad array of capabilities to maintain and improve information technology (IT), operational technology (OT), and industrial control system (ICS) services; however, malicious actors often exploit this software for easy and broad access to victim systems.

CISA encourages organizations to review this joint guide for recommendations and best practices to implement in alignment with their specific cybersecurity requirements to better detect and defend against exploitation. Additionally, please refer to the additional information below on guidance for MSPs and small- and mid-sized businesses and on malicious use of remote monitoring and management software in using remote software and implementing mitigations.”

I do recommend that lawyers take a stab at understanding the document, which is only 11 pages long. At the very least, when you talk to those in charge of protecting your confidential data, you’ll be speaking the same language and your questions will be easier to formulate.

Hat tip to Dave Ries.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225, Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson

Sharon D. Nelson, Esq.
President

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Ride the Lightning

Joint Guide to Securing Remote Access Software from CISA and Partners

Subscribe for More!

Recent Posts

Listen to the Podcast

Disclaimer