CISA asked CISO: Does this asset really have to be on the Internet?

Especially if the assets exposed without proper allocation and management, especially if they are not properly allocated and managed.
Guide to “covering basics”
“The data we collected at the Internet Storm Center showed that assets were scanned and discovered within minutes of exposure,” he said in an email. “The best targets are exposed Telnet and SSH servers with weak passwords, web-based management consoles for a variety of devices (camera, firewall, network storage devices) and remote access tools (e.g. [Windows] RDP. “This has become a bigger problem, and with many applications deployed in the cloud, it does make restricting access to them more difficult.
He said: “CISA guidance is to make good points and cover the basics, but the tricky part is to expand these efforts. Public search engines like Shodan and Censys are helpful. [to infosec pros]but they should not replace regular scans from external IP addresses. ”