
CISA Security Requirements: Protecting Sensitive Information

by Rohan Timalsina

November 6, 2024 - TuxCare expert team

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently announced proposed security requirements designed to prevent adversarial nations from gaining access to Americans' personal and government-related information. The proposed guidelines are part of a broader effort under Executive Order 14117, signed by President Biden earlier this year, and reflect growing concern about data security risks that threaten national security.

With data breaches and state-sponsored cyber activity on the rise, the requirements aim to counter foreign threats and strengthen the security posture of U.S. entities that handle this data.

 

Who is Impacted by CISA Security Requirements?

 

The new security requirements focus primarily on organizations that engage in restricted transactions involving large volumes of sensitive U.S. personal data or data tied to government interests. The emphasis is on entities in sectors such as technology, telecommunications, healthcare, biotechnology, finance, and defense contracting. CISA's requirements seek to mitigate the risk that data managed by these organizations is exposed to "countries of concern" or "covered persons," terms that generally cover nations and individuals known for cyber espionage and state-sponsored hacking campaigns against U.S. interests.

 

What are the Proposed Security Requirements?

 

CISA outlines two main areas of focus: organizational- and system-level security requirements, and data-level security requirements. Here is a breakdown of some key proposals.

  • Maintain an asset inventory and update it at least monthly, including IP addresses and hardware MAC addresses.
  • Remediate known exploited vulnerabilities (KEVs) within 14 days.
  • Remediate critical vulnerabilities within 15 days (even if not known to be exploited) and high-severity vulnerabilities within 30 days. TuxCare's KernelCare Enterprise can significantly streamline this process by automating the patching of kernel vulnerabilities without requiring reboots. KernelCare supports all major enterprise Linux distributions, including Ubuntu, Debian, RHEL, CentOS, Rocky Linux, AlmaLinux, CloudLinux, Oracle Linux, Amazon Linux, and more.
  • Maintain an accurate network topology so that incidents can be identified and responded to quickly.
  • Enforce multi-factor authentication (MFA) on covered systems and, where MFA cannot be applied, enforce strong password policies (minimum 16 characters). Revoke access credentials immediately when individuals leave the organization or change roles.
  • Implement policies that prevent unauthorized devices, such as USB drives, from connecting to covered systems.
  • Collect and store logs of access- and security-related events for at least 12 months (or until a data breach is finally resolved). These include Intrusion Detection System/Intrusion Prevention System (IDS/IPS) alerts, firewall logs, VPN logs, and login events, so that potential breaches can be identified in time.
  • Deny all connections by default unless explicitly allowed for a specific function.
  • Apply data minimization to reduce the amount of covered data collected in the first place, and data masking to obfuscate the covered data that is collected.
  • Encrypt sensitive data in all restricted transactions to protect it from unauthorized access. Encrypt data in transit and at rest using industry-standard encryption (for example, TLS 1.2 or higher). Store encryption keys separately from the data they protect and prevent access to them from unauthorized individuals or locations.
  • Use privacy-enhancing techniques such as homomorphic encryption and differential privacy so that processed outputs cannot be linked back to, or used to reconstruct, the covered data.
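The three remediation windows above (14 days for KEVs, 15 for critical, 30 for high) overlap, and a practitioner tracking compliance needs the strictest deadline that applies to each finding. The following is an added example, not code from the original article or from CISA or TuxCare: a small deadline calculator run over a constructed set of findings against a constructed stand-in for the KEV catalog. It assumes the clock starts on the date the vulnerability was detected on the host; the actual starting point for each window is a matter for the final requirements.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Iterable, List, Optional, Set, Tuple

# Remediation windows in calendar days, as stated in the proposed requirements.
KEV_WINDOW_DAYS = 14
SEVERITY_WINDOW_DAYS = {"critical": 15, "high": 30}

# Constructed stand-in for the CISA KEV catalog (the real one is a JSON feed
# published by CISA); only the CVE identifiers are needed here.
KEV_CATALOG: Set[str] = {"CVE-2024-0001", "CVE-2024-0004"}


@dataclass(frozen=True)
class Finding:
    """One vulnerability observed on one host (fields and values are constructed)."""
    cve: str
    host: str
    severity: str   # "critical", "high", "medium" or "low"
    detected: date  # assumption: the remediation clock starts on this date


def remediation_deadline(finding: Finding, kev_catalog: Set[str]) -> Optional[date]:
    """Return the strictest deadline that applies, or None if no window applies.

    A KEV entry gets 14 days regardless of severity; critical and high get 15
    and 30 days respectively; the shortest applicable window wins, so a critical
    KEV is due after 14 days, not 15.
    """
    windows = []
    if finding.cve in kev_catalog:
        windows.append(KEV_WINDOW_DAYS)
    severity_window = SEVERITY_WINDOW_DAYS.get(finding.severity.lower())
    if severity_window is not None:
        windows.append(severity_window)
    if not windows:
        return None  # medium/low and not in KEV: no window in the proposal
    return finding.detected + timedelta(days=min(windows))


def overdue_findings(
    findings: Iterable[Finding], kev_catalog: Set[str], today: date
) -> List[Tuple[str, str, date, int]]:
    """List (host, cve, deadline, days_overdue), most overdue first."""
    overdue = []
    for f in findings:
        deadline = remediation_deadline(f, kev_catalog)
        if deadline is not None and today > deadline:
            overdue.append((f.host, f.cve, deadline, (today - deadline).days))
    return sorted(overdue, key=lambda row: row[3], reverse=True)


# Constructed sample findings and report date for a stand-alone run.
SAMPLE_FINDINGS = [
    Finding("CVE-2024-0001", "db01", "critical", date(2024, 10, 1)),   # KEV + critical
    Finding("CVE-2024-0002", "web01", "high", date(2024, 10, 10)),     # high only
    Finding("CVE-2024-0003", "fs01", "low", date(2024, 10, 15)),       # no window
    Finding("CVE-2024-0004", "app01", "medium", date(2024, 10, 20)),   # KEV only
    Finding("CVE-2024-0005", "app02", "critical", date(2024, 10, 25)), # critical only
]
AS_OF = date(2024, 11, 6)


def sample_report(today: date = AS_OF) -> List[Tuple[str, str, date, int]]:
    """Run the calculator over the constructed sample as of the given date."""
    return overdue_findings(SAMPLE_FINDINGS, KEV_CATALOG, today)


if __name__ == "__main__":
    for host, cve, deadline, days in sample_report():
        print(f"{host:6} {cve} due {deadline} ({days} days overdue)")
```

In the sample, db01 is overdue by 22 days under the 14-day KEV window even though its severity alone would have allowed 15, and app01 is overdue by 3 days despite being only medium severity, which is exactly the case the separate KEV rule exists to catch. Replacing KEV_CATALOG with the identifiers from CISA's published KEV feed and SAMPLE_FINDINGS with scanner output turns this into a usable daily check.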

 

Conclusion

 

CISA is accepting public feedback on these proposed security requirements before they are finalized. If you are concerned about data security and want to contribute to a more secure digital future, you can submit comments on regulations.gov by searching for docket CISA-2024-0029 and selecting "Comment Now!".

As organizations adapt to CISA's new security requirements, modern approaches such as automated live patching can simplify the vulnerability patching process while minimizing disruption. KernelCare Enterprise lets businesses maintain security and compliance without sacrificing uptime or operational continuity.

Have questions about Linux security, vulnerability patching, or compliance standards? Reach out to our experts today—we’re here to help you find effective solutions for your organization!

 

Source: CISA
