Photo credit: www.csoonline.com
In October 2024, CISCO revealed a critical vulnerability affecting its Remote Access VPN feature within the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software. This flaw could enable an unauthenticated remote attacker to trigger an unexpected device reload, potentially leading to a denial of service (DoS) scenario on impacted units. Users are advised that there are no available workarounds or mitigations; instead, installation of the necessary patches is essential for their systems’ security.
During the annual process of renewing cyber insurance, my insurer made it clear that providing coverage for my business was contingent upon demonstrating robust cybersecurity measures. The insurer’s inquiries highlighted areas considered vulnerable, particularly remote access, third-party vendor connections, and network administrator profiles, all of which required enhanced security protocols.
MFA is a requirement most insurers insist upon
One significant stipulation from the insurer was the implementation of multifactor authentication (MFA) across various access points. This requirement extended to all forms of remote access, including VPNs, as well as remote monitoring and management (RMM) tools like remote desktop protocol (RDP). Furthermore, they emphasized the necessity of enforcing MFA for email access and any remote interactions with critical resources, encompassing access by third-party vendors as well.
Source
www.csoonline.com