The Cybersecurity and Infrastructure Security Agency (CISA), alongside the FBI, NSA, Multi-state Information Sharing and Analysis Center (MS-ISAC), and the Israel National Cyber Directorate (INCD) released a joint guide to securing remote access software. Corporate Information Technologies is proud to be a contributor to this guide as we believe strengthening our nation's security posture is a team sport that requires collaboration from everyone. More specifically, CorpInfoTech believes that securing remote access software represents a crucial step in this mission. Our founder and president, Lawrence Cruciana, had the opportunity to contribute and offer his expertise as a member and contributor to the Joint Cyber Defense Collaborative (JCDC).
"I am beyond excited to be a part of the collaborative that informed this paper. It's the result of a years-long personal journey raising awareness and concern for the RMM and software supply-chain. Thank you CISA and all of the many supporters that made it possible." Lawrence Cruciana Founder and President of Corporate Information Technologies
According to CISA, "Remote access software provides organizations with a broad array of capabilities to maintain and improve information technology (IT), operational technology (OT), and industrial control system (ICS) services; however, malicious actors often exploit this software for easy and broad access to victim systems". RAS software and technologies are integral to the operation of MSPs, IT help desks, and other remote business operations. Unfortunately, bad actors are able to use this technology to exploit and infiltrate organizations. This joint guide from CISA and its contributors seeks to inform organizations on the risks of remote access software while offering a guide on how to detect and defend against malicious use of this software".
This document is the result of multiple agencies, alongside private companies like CorpInfoTech working together to create an actionable guide for organizations using remote access software.
Read CISA's Guide to Securing Remote Access Software and learn more about the tactics, techniques, and procedures (TTPs) that bad actors use, and how to defend against these malicious users.