CISA: CISA Releases Analysis of FY21 Risk and Vulnerability Assessments

May 19, 2022

cisa logo 002

CISA Releases Analysis of FY21 Risk and Vulnerability Assessments

CISA has released an analysis and infographic detailing the findings from the 112 Risk and Vulnerability Assessments (RVAs) conducted across multiple sectors in Fiscal Year 2021 (FY21). 

The analysis details a sample attack path comprising 11 successive tactics, or steps, a cyber threat actor could take to compromise an organization with weaknesses that are representative of those CISA observed in FY21 RVAs. The infographic highlights the three most successful techniques for each tactic that the RVAs documented. Both the analysis and the infographic map threat actor behavior to the MITRE ATT&CKĀ® framework. 

CISA encourages network defenders to review the analysis and infographic and apply the recommended mitigations to protect against the observed tactics and techniques. For information on CISA RVAs and additional services, visit the CISA Cyber Resource Hub.  

Tags: , , ,

You may have missed

hkcert

Palo Alto Products Remote Code Execution Vulnerability

April 18, 2024
CISA Logo

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

April 18, 2024
CISA Logo

CISA: CISA Issues Emergency Directive 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System

April 18, 2024
CISA Logo

CISA: CISA Releases Nine Industrial Control Systems Advisories

April 18, 2024
CISA Logo

CISA: Compromise of Sisense Customer Data

April 18, 2024