CISA and partners release guide for civil society organisations to address cyber threats
The guide recommends actions and mitigations to reduce the risk of cyber intrusions.
The US Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI) and several international partners from the UK, Estonia, Canada, Japan, and Finland, released a guide on Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society.
This publication provides civil society organizations (CSOs) and individuals with recommended actions and mitigations to reduce the risk of cyber intrusions. Additionally, the guide encourages software manufacturers to implement security-by-design practices that are necessary to help protect vulnerable and high-risk communities.
‘These high-risk community organizations often lack cyber threat information and security resources. With our federal and international partners, we are providing this resource to help these organizations better understand the cyber threats they face and help them improve their cyber safety’, added Jen Easterly, Director of CISA.
According to the guide, civil society, comprised of organizations and individuals—such as nonprofit, advocacy, cultural, faith-based, academic, think tanks, journalists, dissidents, and diaspora organizations, communities involved in defending human rights and advancing democracy—are considered high-risk communities. Authors note that often, these organizations and their employees are targeted by state-sponsored threat actors who seek to undermine democratic values and interests. Recommendations include regular software updates, adopting multi-factor authentication (MFA), and implementing the principle of least privilege to reduce vulnerabilities and others.
CISA and partners also encourage software manufacturers to review and implement mitigations and practices to protect CSOs. In particular, the guide says software manufacturers should implement vulnerability management to eliminate entire classes of vulnerability in their products, enable MFA by default in all products, provide logging at no additional charge to the customer, and alert customers of suspicious behaviour on their networks; and include details of a secure by design concept in corporate financial reports.