Security News > 2022 > November > Security “sampling” puts US federal agencies at risk

Titania launched an independent research report that uncovers the impact of exploitable misconfigurations on the security of networks in the US federal government.

The study, "The impact of exploitable misconfigurations on the security of agencies' networks and current approaches to mitigating risks in the US Federal Government", finds that network professionals report that they are meeting their security and compliance practices, but data suggest that risk remains elevated.

In effect, the agencies are sampling the security of their fleets of network devices.

Sampling is an inherently risky approach to configuration security that leaves agencies open to the threat of configuration drift taking down networks.

"A known vulnerability or misconfiguration is an easy way in. As our report uncovers, the US federal government is not immune. Government agencies need to adopt a zero trust approach to cybersecurity - hardening networks from the inside-out to make it significantly harder for intruders to gain entry and move laterally."

"Increasing the frequency of risk assessments and remediation of all network devices is the first step to preventing configuration drift from taking down US government networks and allowing intruders to gain access to sensitive systems and data."

News URL

https://www.helpnetsecurity.com/2022/11/09/us-government-exploitable-misconfigurations/