Joint Cybersecurity Advisory: Protecting Against Cyber Threats to Managed Service Providers and Their Customers   [open pdf - 689KB]

From the Summary: "The cybersecurity authorities of the United Kingdom (NCSC-UK [United Kingdom National Cyber Security Centre] [hyperlink]), Australia (ACSC [Australian Cyber Security Centre] [hyperlink]), Canada (CCCS [Canadian Centre for Cyber Security] [hyperlink]), New Zealand (NCSC-NZ [New Zealand National Cyber Security Centre] [hyperlink]), and the United States (CISA [U.S. Cybersecurity and Infrastructure Security Agency] [hyperlink]), (NSA [National Security Agency] [hyperlink]), (FBI [hyperlink]) are aware of recent reports that observe an increase in malicious cyber activity targeting managed service providers (MSPs) and expect this trend to continue. This joint Cybersecurity Advisory (CSA) provides actions MSPs and their customers can take to reduce their risk of falling victim to a cyber intrusion. This advisory describes cybersecurity best practices for information and communications technology (ICT) services and functions, focusing on guidance that enables transparent discussions between MSPs and their customers on securing sensitive data. Organizations should implement these guidelines as appropriate to their unique environments, in accordance with their specific security needs, and in compliance with applicable regulations. MSP customers should verify that the contractual arrangements with their provider include cybersecurity measures in line with their particular security requirements."

Report Number:
Joint Cybersecurity Advisory AA22-131A
Public Domain
Retrieved From:
U.S. Department of Defense: https://www.defense.gov/
Media Type:
Help with citations