NSA Releases Top 10 Cloud Security Mitigation Strategies


As businesses migrate their services to hybrid and multi-cloud environments, cloud misconfigurations and security breaches become critical points of failure.

Cybercriminals are aware of this and are increasingly targeting misconfigured, unsecured or unmonitored cloud systems.

The United States National Security Agency (NSA) has released a list of top ten recommended mitigation strategies that cloud customers should use to improve their security posture.

THE advisorypublished on March 7, 2024, is a compilation of ten strategies ranging from cloud security measures to identity and access management, data security practices and network segmentation.

The US Cybersecurity and Infrastructure Security Agency (CISA) supported the NSA on six of the ten strategies.

The top 10 cloud security mitigation strategies are:

  1. Respect the cloud shared responsibility model
  2. Use secure cloud identity and access management practices
  3. Use secure key management practices in the cloud
  4. Implement network segmentation and encryption in cloud environments
  5. Secure data in the cloud
  6. Championing continuous integration/continuous delivery (CI/CD) environments
  7. Apply automated and secure deployment practices via infrastructure as code
  8. Consider the complexities introduced by hybrid cloud and multi-cloud environments
  9. Mitigate Managed Service Provider Risk in Cloud Environments
  10. Manage cloud logs for effective threat hunting

Each strategy comes with an additional cybersecurity fact sheet detailing how to implement it.

Each sheet provides recommended steps to follow, best practices advised by the NSA and CISA, and a list of links in case the cloud customer wants to explore the security strategy in more detail and read additional resources on the subject.

Read more: Bringing Resilience to the Cloud with Zero Trust

Leave a comment