CISA Releases Cyber Configuration Baselines for Google Applications

The Cybersecurity and Infrastructure Security Agency has released nine new tools to help organizations protect their Google applications.

The tools set configuration baselines for Gmail, Google Drive and other Google Workspace applications. Chad Poland, manager for cyber shared services at CISA, said the Google toolkit covers most of the business collaboration suite of software-as-a-service offerings that organizations use daily. He added that the products will help prevent misconfigurations and ultimately mitigate intrusions.

The products were developed using insights from CISA’s Microsoft 365 configuration baseline products released in 2022. They are part of the Secure Cloud Business Applications project.

CISA is seeking comments on the configurations, as well as information on how to automate baseline implementation more effectively. Responses are due Jan. 12, Federal News Network reported Tuesday.

The cybersecurity agency also plans to release a tool by 2024 designed to help organizations learn about the risks they face and guide them on how to mitigate them.

The ReadySetCyber tool will provide a baseline of an organization’s current cybersecurity posture and offer insights, strategies, tools and resources to help users eliminate risks. It will also be designed to make cybersecurity adoption a simple process for all organizations.