Andrew Sweeney
A new binding operational directive (BOD) announced by the Cybersecurity and Infrastructure Security Agency (CISA) is giving federal executive branch departments and agencies less than 6 months to act to better protect their assets. BOD 23-01 aims to make ‘measurable progress’ toward enhancing visibility into agency assets and associated vulnerabilities. It focuses on two areas:
The growing frequency and cost of cyberattacks are huge causes for concern for governments, businesses, and individuals. Cybercrime cost US businesses more than $6.9 billion in 2021, and a study released last year found that in 93% of cases a hacker can breach a company’s network perimeter and gain access to local resources. On average that can take just two days!
Public agencies are a clear target, but by gaining greater visibility of your assets and detecting vulnerabilities early, you can reduce that risk. CISA wants to stop headlines like those in 2020, when an attack impacted multiple government departments as well as other non-governmental organizations. Attackers focused on the supply chain to gain entry and accessed vast quantities of information.
To protect assets, you need complete visibility into what you have, where they are located, who is using them, and what is running on them. You need to be sure everything is patched, is using the latest OS, and complies with your organization’s security policies. CISA notes a variety of asset discovery methods, such as active scanning, passive flow monitoring, querying logs, or API queries for software-defined infrastructure. This will enable FCEB agencies to:
By April 3, 2023, all FCEB agencies must:
Also by April 3, 2023, agencies and CISA, through the CDM program, will deploy an updated CDM Dashboard configuration that enables access to object-level vulnerability enumeration data for CISA analysts, as authorized in the Executive Order on Improving the Nation’s Cybersecurity.
Within 6 months of CISA publishing requirements for vulnerability enumeration and performance data, all FCEB agencies must initiate the collection and reporting of vulnerability performance data under the directive, to the CDM Dashboard for oversight and monitoring purposes.
The way to manage asset discovery and vulnerability enumeration within the timeline set by CISA is intelligent automation. Consider a digital platform conductor (DPC), which has been recognized in four Gartner hype cycles. A DPC connects to, collects, and analyzes information from IT asset discovery and management tools, identifies security vulnerabilities, and orchestrates and automates workflows to quickly mitigate risks.
Using a DPC you can:
Using the orchestration capabilities of a DPC, you can also automate many of the workflows required to secure any vulnerabilities, including software updates or patches, testing, and more, to reduce risks.
Book a demo with ReadyWorks to understand how you can leverage a DPC to comply with CISA BOD 23-01.