The Cybersecurity and Infrastructure Security Agency (CISA) has issued guidance to prioritize remediation of vulnerabilities presently actively exploited by adversaries.
Binding Operational Directive (BOD) 22-01 – Reducing the Significant Risk of Known Exploited Vulnerabilities establishes a CISA-managed catalog of known exploited vulnerabilities. It requires federal civilian agencies to address the vulnerabilities within specific timeframes.
“Every day, our adversaries are using known vulnerabilities to target federal agencies,” CISA Director Jen Easterly said. “As the operational lead for federal cybersecurity, we are using our directive authority to drive cybersecurity efforts toward mitigation of those specific vulnerabilities that we know to be actively used by malicious cyber actors. The Directive lays out clear requirements for federal civilian agencies to take immediate action to improve their vulnerability management practices and dramatically reduce their exposure to cyberattacks.”
Easterly noted, while the Directive applies to federal civilian agencies, there is the understanding organizations nationwide are targeted via the same vulnerabilities. She said it is critical every organization adopt the Directive and prioritize mitigation of vulnerabilities listed in the agency’s public catalog.
CISA personnel acknowledged the Directive applies to federal civilian agencies, but the agency recommends private businesses and state, local, tribal, and territorial (SLTT) governments prioritize addressing vulnerabilities and subscribe to receive notifications when new vulnerabilities are added.
The ByteDance-owned TikTok faces an uphill battle in the United States after President Joe Biden…
Promising to grow space for integrating and delivering on critical defense programs by more than…
In unsealing a 13-page indictment this week, the U.S. Department of Justice (DOJ) revealed charges…
A bill targeting the illicit fentanyl supply chain, the Fentanyl Eradication and Narcotics Deterrence (FEND)…
In order to move the state closer to federal standards and allow reporting of local…
For the next round of participants in a pilot program to Accelerate the Procurement and…
This website uses cookies.