The Cybersecurity and Infrastructure Security Agency has warned of ongoing malicious cyber activity targeting endpoint management systems and urged organizations to strengthen configurations against potential threats.
The latest CISA alert underscores the growing urgency for organizations to strengthen endpoint security and defend against evolving cyberthreats. Timely discussions around cybersecurity strategies continue across government and industry. Reserve your spot at the 2026 Cyber Summit and be part of the conversation on May 21.
The alert follows a March 11 cyberattack on medical technology company Stryker that disrupted its global network and affected its Microsoft environment, CISA said Wednesday.
Table of Contents
What Are the Best Practices to Help Strengthen Microsoft Intune Protections?
CISA outlined several measures organizations should adopt to reduce risk and prevent unauthorized activity, including applying least privilege principles and using Microsoft Intune’s role-based access control to limit permissions and scope of access.
Microsoft Intune is a cloud-based unified endpoint management platform designed to help IT teams manage and secure applications and devices.
The agency also urged organizations to enforce phishing-resistant multifactor authentication, strengthen privileged access controls using Microsoft Entra ID tools and require multi-admin approval for high-risk actions such as device wipes and configuration changes.
CISA also directed organizations to Microsoft and federal resources for broader guidance on securing Intune, implementing zero trust principles and strengthening identity and access management controls.
What Did Acting CISA Director Nick Andersen Say About Efforts to Address the Cyberattack?
Acting CISA Director Nick Andersen said the agency has been working directly with Stryker alongside federal partners to respond to the incident, Nextgov/FCW reported Tuesday.
“We’ve engaged with them. Our teams have worked with them, as well as some of the FBI teams, and our regional personnel have been engaged with them,” Andersen told reporters after speaking at a McCrary Institute event on Tuesday.
He did not provide additional updates but added that CISA is continuing to work with sector-based industry groups on foreign cyberthreats.
Related Articles
The Federal Communications Commission has updated its Covered List to exempt four uncrewed aircraft systems after the Department of War determined they do not pose national security risks. As federal agencies refine policies around trusted drones and secure airspace technologies, industry leaders are converging to discuss capabilities and strategies shaping the evolving air and space landscape. Secure your spot at the 2026 Air and Space Summit on July 30 to connect and exchange insights with government and industry leaders. FCC said Wednesday the decision marks the first set of “Conditional Approvals” following DOW’s January determination that certain drones and components
The Office of the Director of National Intelligence has warned that missile and cyber threats to the United States are accelerating, posing serious risks to the homeland. Tulsi Gabbard, director of national intelligence and a 2026 Wash100 awardee, presented the 2026 Annual Threat Assessment to the Senate Select Committee on Intelligence on Wednesday, outlining key risks identified by the intelligence community. Join government and industry leaders as they discuss how to combat rising cyberthreats at the Potomac Officers Club’s 2026 Cyber Summit on May 21. The event will feature panels on applying automation and AI in cyber defense and the
The Government Accountability Office is urging updates to the national quantum computing strategy, citing gaps in coordination, performance tracking and agency responsibilities across federal efforts. For an illuminating panel discussion on the security concerns of quantum and post-quantum cryptography, attend Potomac Officers Club’s 2026 Cyber Summit on May 21! What Are the Gaps in the National Quantum Computing Strategy? According to the GAO report published Wednesday, the current strategic plan developed by the Subcommittee on Quantum Information Science, or SCQIS, under the National Quantum Initiative Act, does not fully meet the criteria for an effective national strategy. While it defines purpose