CISO Tradecraft

CISO Tradecraft header image 1
April 2, 2021  

CISO Tradecraft: NSA’s Top 10 Cybersecurity Mitigation Strategies

April 2, 2021

If there's one place that knows how Advanced Persistent Threat (APT) actors work, it's the National Security Agency (NSA).  On this episode of CISO Tradecraft G Mark Hardy and Ross Young discuss NSA's Top Ten Cybersecurity Mitigation Strategies and how to use them to secure your company.

Since the mitigation strategies are ranked by effectiveness against known APT tactics, they can be used to set the priorities for organizations to minimize mission impact from cyber attacks.

  1. Update and Upgrade Software Immediately
  2. Defend Privileges and Accounts
  3. Enforce Signed Software Execution Policies
  4. Exercise a System Recovery Plan
  5. Actively Manage Systems & Configurations
  6. Continuously Hunt for Network Intrusions
  7. Leverage Modern Hardware Security Features
  8. Segregate Networks using Application-Aware Defenses
  9. Integrate Threat Reputation Services
  10. Transition to Multi-Factor Authentication

Link to NSA's Material