CISA issues new directive to bolster cloud security - and Microsoft was singled out

CISA issues new directive to bolster cloud security - and Microsoft was singled out

Briefly

CISA's directive highlights known cloud risks. Misconfigured systems expose agencies to threats. Setting baselines and enforcing them reduces the attack surface. This step, though unsurprising, is critical.

ITProhttps://www.itpro.com/cloud/cloud-security/cisa-issues-new-directive-to-bolster-cloud-security-and-microsoft-was-singled-out

CISA will maintain and update a detailed list of in-scope policies and cloud tenants, provide agencies with reporting instructions, and provide agencies with troubleshooting support.

ITProhttps://www.itpro.com/cloud/cloud-security/cisa-issues-new-directive-to-bolster-cloud-security-and-microsoft-was-singled-out

The improper configuration of security controls in cloud environments has introduced substantial risk and has resulted in compromises and unauthorized access, urging the need for this directive.

ITProhttps://www.itpro.com/cloud/cloud-security/cisa-issues-new-directive-to-bolster-cloud-security-and-microsoft-was-singled-out

Cory Michal emphasized that the directive is a 'much-needed step' towards improving the organizational security posture of federal agencies leveraging cloud and SaaS tools.

ITProhttps://www.itpro.com/cloud/cloud-security/cisa-issues-new-directive-to-bolster-cloud-security-and-microsoft-was-singled-out