Live Threats
[CVE-2026-1234]Windows CLFS Driver zero-day — privilege escalation to SYSTEM, CISA KEV confirmed, patch immediately|
[CVE-2026-0891]Fortinet FortiOS authentication bypass — unauthenticated admin access, active exploitation in the wild|
[CVE-2026-2201]Palo Alto PAN-OS command injection — remote code execution on firewall management plane, CISA KEV listed|
[PATCH]Microsoft April 2026 Patch Tuesday — 147 CVEs addressed including 3 zero-days, deploy immediately|
[BREACH]Healthcare sector breach — 2.3M patient records exposed, PHI including SSNs and medical histories compromised|
[CVE-2026-1887]Chrome V8 type confusion RCE — remote code execution via malicious web page, update Chrome immediately|
[COMPLIANCE]PCI DSS 4.0.1 MFA deadline — mandatory multi-factor authentication enforcement now in effect for all merchants|
[CVE-2026-3310]Cisco IOS XE privilege escalation — authenticated users gain root on affected switches and routers, patch now|
[RANSOMWARE]LockBit 4.0 SMB campaign — RDP brute-force targeting small businesses, double-extortion, 72-hour ransom window|
[ADVISORY]Adobe Acrobat PDF phishing wave — malicious PDFs bypassing email filters, credential harvesting at scale|

CISA Releases Updated Secure-by-Design Guidance for SMBs

Published April 10, 2026
5 min read
Source: CISA
Executive Summary

CISA published updated Secure-by-Design guidance specifically tailored for small and medium-sized businesses, covering practical steps for implementing MFA, network segmentation, and incident response planning without enterprise-level budgets.

What CISA Published

The Cybersecurity and Infrastructure Security Agency (CISA) released an updated version of its Secure-by-Design guidance document specifically tailored for small and medium-sized businesses. The document, available free at cisa.gov, provides practical, actionable cybersecurity guidance that does not require enterprise-level budgets or dedicated security staff to implement. The guidance covers the most impactful security controls that SMBs can implement to significantly reduce their risk of a successful cyberattack.

Key Recommendations from the Guide

The CISA SMB guide prioritizes the following controls as having the highest impact for the lowest cost and complexity:
  • Multi-factor authentication on all email accounts, remote access systems, and cloud services — CISA estimates that MFA prevents over 99% of automated credential attacks.
  • Regular, tested backups stored offline or in immutable cloud storage — the most effective defense against ransomware.
  • Keeping all software and operating systems patched and up to date — the majority of successful attacks exploit known, patched vulnerabilities.
  • Employee security awareness training — human error remains the leading cause of security incidents.
  • Basic network segmentation to isolate critical systems.

Free Resources Available to SMBs

CISA offers several free resources that SMBs can take advantage of immediately. The Cyber Hygiene Vulnerability Scanning service provides free external vulnerability scanning for your internet-facing systems. The Ransomware Readiness Assessment tool helps you evaluate your organization's preparedness for a ransomware attack. The Phishing Campaign Assessment service tests your employees' ability to recognize phishing emails. All of these services are available at no cost to U.S. businesses. Segler.Net can help you interpret the results and implement the recommended improvements.

Key Takeaways & Action Items
  • Download and review CISA's SMB Secure-by-Design guide — it's free and practical
  • Implement MFA on all email accounts and remote access systems as a first priority
  • Develop a basic incident response plan — even a simple one is far better than none
  • Segment your network to isolate critical systems from general business traffic
  • Use CISA's free cybersecurity resources including their vulnerability scanning service