The Cyber Defense Plan for Remote Monitoring and Management, a collaboration between the U.S. Cybersecurity and Infrastructure Agency (CISA) and industry partners, aims to address security issues with remote monitoring and management (RMM) tools. RMM software has been increasingly exploited by hackers as a way to circumvent security systems and establish access to victim networks. The plan focuses on four main tasks: vulnerability information sharing, industry coordination, end-user education, and advisory amplification. The plan seeks to expand the sharing of cyber threat and vulnerability information between the U.S. government and RMM industry stakeholders while also implementing mechanisms for the community to “mature scaled security efforts.”
In the announcement Wednesday, CISA said it worked with industry partners as part of the Joint Cyber Defense Collaborative (JCDC) to create a “clear roadmap to advance security and resilience of the RMM ecosystem.” Also included, is this detail – SMBs account for 6.5 million business and over 40% of U.S. gross domestic product (GDP)
Why do we care?
I saw some pushback that this was slick marketing without substance. I’ll disagree, as it’s the attention to the ecosystem by CISA that I believe is the key reason to care. Software providers in this space are now not without oversight. That’s a big deal. The collaboration included several MSPs, security vendors, and three major RMM players. There’s an end-user education aspect to the guidance too, which will be the product to consume by providers and implement. It’s a step in the compliance chain now too. So that’s why we care.

