H-ISAC TLP White Intelligence Report: CISA Insights on Risk Considerations for Managed Service Provider Customers

The United States Cybersecurity and Infrastructure Security Agency (CISA) has released a new CISA Insights report titled, Risk Considerations for Managed Service Provider Customers (MSPs), which provides a framework that government and private sector organizations, including small and medium-sized businesses, outsourcing some level of IT support to MSPs can use to better mitigate against third-party risk. 

CISA Insights are informed by US intelligence and real-world events, with each insight providing background information on cyber or physical threats to critical infrastructure, as well as a ready-made set of mitigation activities that organizations can implement.

This resource includes best practices and considerations from the National Institute of Standards and Technology (NIST) and other authoritative sources. The guidance is geared towards the three main organizational groups that play a role in reducing overall risk, including senior executives and boards of directors, procurement professionals, and network administrators, systems administrators, and front-line cybersecurity staff.

The CISA Insights report can be accessed here and is additionally attached via this alert, which can be accessed through Cyware.

For additional supply chain risk management information or resources, visit CISA.gov/ict-supply-chain-library.

View the entire report below. 

Release Date

Sep 03, 2021
Alert ID 3a2bbbed