US security bodies highlight 10 most common cybersecurity misconfigurations

NSA and ISA say findings indicate ‘systemic weakness’ in many large organizations.

Retaining default configurations of software and applications is the most common of 10 security risks highlighted by the US National Security Agency (NSA) and Infrastructure Security Agency (ISA).

The two agencies have issued a joint cybersecurity advisory (CSA) in which the 10 most common network misconfigurations are listed. That list is:

  1. Default
Free Trial

Register for free to keep reading.

To continue reading this article and unlock full access to GRIP, register now. You’ll enjoy free access to all content until our subscription service launches in early 2026.

  • Unlimited access to industry insights
  • Stay on top of key rules and regulatory changes with our Rules Navigator
  • Ad-free experience with no distractions
  • Regular podcasts from trusted external experts
  • Fresh compliance and regulatory content every day
Register for free Already a member? Sign in