US Cyber-Defense Agency Urges Companies To Automate Threat Testing

The US government’s cyber defense agency is recommending for the first time that companies embrace automated continuous testing to protect against longstanding online threats.

The guidance, from a cluster of US and international agencies published on Wednesday, urges businesses to shore up their defenses by continually validating their security program against known threat behaviors, rather than a more piecemeal approach. “The authoring agencies recommend continually testing your security program, at scale,” according to an alert from the Cybersecurity and Infrastructure Security Agency and several other US and international agencies. The alert warned malicious cyber actors allegedly affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps are exploiting known vulnerabilities for ransom operations. An official at CISA told Bloomberg ahead of the announcement that emulating adversaries and testing against them is key to defending against cyberattacks. Central to the effort is a freely available list of cyberattackers’ most common tactics and procedures that was first made public in 2015 by MITRE, a federally funded research and development center, and is now regularly updated. While many organizations and their security contractors already consult that list, too few check if their systems can actually detect and overcome them, the CISA official said.