All posts tagged: CISA

CISA releases BOD 19-02 setting out Vulnerability Remediation Requirements for Federal Agencies

No comments

The Cybersecurity and Infrastructure Security Agency (CISA) released its latest Binding Operational Directive (BOD 19-02), “Vulnerability Remediation Requirements for Internet-Accessible Systems”, this week. The directive supersedes BOD 15-01, “Critical Vulnerability Mitigation Requirement for Federal Civilian Executive Branch Departments and Agencies’ Internet-Accessible Systems”, which came out in 2015. BOD 15-01 required federal agencies to remediate critical infosec vulnerabilities within 30 days of detection, in addition to initiating ongoing tracking and monitoring, and led to a significant improvement in the federal government’s security posture.

Read More