Practical cyber guardrails

The FBI’s “Ten Actions to Improve Cyber Resiliency” specifically tells organizations to identify and maintain an inventory of internet‑facing systems and to “regularly scan public IP space” to detect new exposures. (fbi.gov) CISA’s Internet Exposure Reduction Guidance, published June 4, 2025, urges routine reviews of internet‑facing assets and lists free web‑based discovery tools organizations can use to find misconfigured or exposed services. (cisa.gov) Rapid7’s incident data shows missing or unenforced multi‑factor authentication on internet‑facing systems accounted for about 41% of incidents their MDR observed in 2023, with VPNs and virtual desktop infrastructure frequently implicated. (rapid7.com) Microsoft Defender for Endpoint added an internet‑facing device discovery feature that integrates RiskIQ telemetry to flag externally exposed devices inside the Defender inventory, letting teams map external exposures to internal owners. (techcommunity.microsoft.com) Censys research and related industry analyses continue to document high rates of cloud and remote‑access misconfigurations across providers, quantifying widespread exposure of management interfaces and services to the public internet. (censys.com) Vendors are rolling integration into products to reduce manual gaps: SonicWall announced a Generation‑8 firewall family on Aug. 13, 2025, that bundles next‑generation firewall capabilities with integrated ZTNA and unified management to simplify deployments. (sonicwall.com)