Ten most common cyber security misconfigurations, as revealed by the NSA and CISA


According to an advisory by the US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA), systemic weaknesses in large organizations are “all too common” and leveraged by multiple malicious actors. The agencies have compiled a list of the top ten cybersecurity misconfigurations.

In their recently released cybersecurity advisory, the agencies detailed the many tactics, techniques, and procedures that cyber criminals can employ to compromise networks, as well as various mitigations to defend against the threats.

According to the authorities, the top ten misconfigurations illustrate a trend of systemic weaknesses within many large organizations. The list is as follows:

2. Improper separation of user/administrator privilege

3. Insufficient internal network monitoring

4. Lack of network segmentation

5. Poor patch management

6. Bypass of system access controls

7. Weak or misconfigured multifactor authentication (MFA) methods

8. Insufficient access control lists (ACLs) on network shares and services

9. Poor credential hygiene

10. Unrestricted code execution

“Learn from the weaknesses of others and implement the suggested mitigations properly to protect the network, its sensitive information, and critical missions,” the report reads.

The NSA and CISA identified the ten most common network vulnerabilities over the years by assessing more than 1,000 network enclaves across the Department of Defense, Federal Civilian Executive Branch, government, and private sectors.

“Many of the assessments were of Microsoft Windows and Active Directory environments,” the authorities noted. “However, it should be noted that many other environments contain similar misconfigurations.”