NSA's Top Ten Cybersecurity Mitigation Strategies

To provide a comprehensive list of all possible cybersecurity threats

To counter a broad range of exploitation techniques used by Advanced Persistent Threat (APT) actors

To outline the responsibilities of cybersecurity professionals

To establish a new cybersecurity framework for organizations

Identify

Protect

Analyze

Recover

Ignore update notifications as they may be phishing attempts

Manually review and install updates at a convenient time

Apply all available software updates immediately and automate the process

Only update software when there is a known threat

To ensure all software is compatible with the system

To increase the efficiency of software deployment

To prevent the execution of unauthorized scripts and executables

To reduce the cost of software maintenance

Enforcing strong password policies

Exercising a system recovery plan

Implementing two-factor authentication

Conducting regular employee training sessions

Increase the number of network devices for redundancy

Remove unwanted, unneeded, or unexpected hardware and software

Outsource the management of network devices and software

Keep all hardware and software to ensure maximum availability

To take proactive steps to detect, contain, and remove malicious presence within the network

To solely rely on passive detection mechanisms

To reduce the need for dedicated teams to continuously seek out, contain, and remove threat actors

To establish a one-time incident response procedure

Unified Extensible Firmware Interface (UEFI)

Trusted Platform Module (TPM)

Hardware virtualization

Antivirus software installation

To increase the complexity of the network

To block improperly formatted traffic and restrict content

To block known bad signatures and decrease effectiveness due to encryption and obfuscation techniques

To allow application-aware network defenses to block known bad signatures and quickly react to new attack vectors

To replace knowledge-based factors such as passwords and PINs entirely

To prioritize protection for accounts with elevated privileges and supplement knowledge-based factors

To provide a single factor authentication system

To make the system more user-friendly and less secure