====== Cyber Best Practice ======

===== TSA Directive 2022 =====
[[https://www.tsa.gov/sites/default/files/tsa_sd_pipeline-2021-02-july-21_2022.pdf|Here]].

===== Best Practice =====
Companies that get breached mostly fail on the following points. Source: Unit 42 - Dec 2022
  * No MFA
  * No XDR/EDR
  * No patch management
  * No account lockout on brute force
  * Important alerts lost without sufficient review/action
  * Weak passwords permitted
  * System misconfiguration