CISA Introduces Catalog of Cybersecurity Bad Practices That Need to be Eliminated

The DHS’ Cybersecurity and Infrastructure Security Agency (CISA) has released a new information that details cybersecurity bad practices, which are extremely harmful and considerably increase threat to critical infrastructure.

There are a lot of publicized resources that offer details regarding cybersecurity best practices that ought to be implemented to enhance security, however CISA believed that one more viewpoint was necessary as it is similarly, if not more, essential to make sure that bad cybersecurity practices are taken out. CISA explained that ending the most egregious risks calls for organizations to make a determined effort to end bad practices..

CISA is recommending that leaders of all organizations to participate in important discussions to deal with technology bad practices, particularly organizations that service national critical functions.

One of the principal components of risk management is to concentrate on the critical few, mentioned CISA Executive Assistant Director Eric Goldstein in his announcement about the introduction of the brand new website tool. Organizations might have minimal resources to determine and offset risks, but getting rid of cybersecurity bad practices is an important aspect of every company’s tactical approach to security. Dealing with bad practices is not a replacement for applying best practices, however it gives a rubric for prioritization and a useful solution to the issue of ‘what to do first.

The new materials was developed right after cyberattacks on critical infrastructure that showed the effect they could have on critical government functions and the danger to security, national economic safety, and/or national public wellness and protection.

The CISA Bad Practices catalog will expand as time passes, however at present it details two cybersecurity bad practices, which are extremely dangerous: The usage of unsupported software program that has reached its end-of-life and the extended usage of known, set, and default security passwords and credentials to access and utilize Critical Infrastructure and National Critical Functions.

About Christine Garcia 1303 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at