Watch On:
Summary
The Cybersecurity and Infrastructure Security Agency (CISA) issued today Binding Operational Directive (BOD) 23-01, Improving Asset Visibility and Vulnerability Detection on Federal Networks, that directs federal civilian agencies to better account for what resides on their networks. This Directive takes the next step by establishing baseline requirements for all Federal Civilian Executive Branch (FCEB) agencies to identify assets and vulnerabilities on their networks and provide data to CISA on defined intervals.
Show Notes
The Cybersecurity and Infrastructure Security Agency (CISA) issued today Binding Operational Directive (BOD) 23-01, Improving Asset Visibility and Vulnerability Detection on Federal Networks, that directs federal civilian agencies to better account for what resides on their networks.
Over the past several years, CISA has been working urgently to gain greater visibility into risks facing federal civilian networks, a gap made clear by the intrusion campaign targeting SolarWinds devices.
While this Directive applies to federal civilian agencies, we urge all organizations to adopt the guidance in this directive to gain a complete understanding of vulnerabilities that may exist on their networks.
We all have a role to play in building a more cyber resilient nation.”CISA is committed to using its cybersecurity authorities to gain greater visibility and drive timely risk reduction across federal civilian agencies.
This Directive is a mandate for federal civilian agencies.
