
mahatmakanejeeves

(57,567 posts)
Wed Nov 3, 2021, 02:42 PM

Biden Administration Orders Federal Agencies to Fix Hundreds of Cyber Flaws

Source: The Wall Street Journal.

POLITICS * NATIONAL SECURITY

Biden Administration Orders Federal Agencies to Fix Hundreds of Cyber Flaws

Agencies come under new pressure to close cybersecurity flaws after sometimes balking at such measures in the past

By Dustin Volz
https://twitter.com/dnvolz
dustin.volz@wsj.com
Updated Nov. 3, 2021 11:18 am ET

WASHINGTON—The Biden administration on Wednesday issued a sweeping new order mandating that nearly all federal agencies patch hundreds of cybersecurity vulnerabilities that are considered major risks for damaging intrusions into government computer systems.

The new requirement is one of the most wide-reaching cybersecurity mandates ever imposed on the federal government. It covers about 200 known security flaws identified by cybersecurity professionals between 2017 and 2020 and an additional 90 discovered in 2021 alone that have generally been observed being used by malicious hackers. Those flaws were listed in a new federal catalog as carrying “significant risk to the federal enterprise.”


Read more: https://www.wsj.com/articles/biden-administration-to-order-federal-agencies-to-fix-hundreds-of-cyber-flaws-11635937200



I posted the article saying that this would happen in GD this morning.

Biden Administration to Order Federal Agencies to Fix Hundreds of Cyber Flaws

https://www.democraticunderground.com/100216011579
Biden Administration Orders Federal Agencies to Fix Hundreds of Cyber Flaws (Original Post) mahatmakanejeeves Nov 2021 OP
It's sad they had to be told! Why didn't they fix problems as soon as they're discovered? n/t napi21 Nov 2021 #1
From the source: "Reducing the Significant Risk of Known Exploited Vulnerabilities" mahatmakanejeeves Nov 2021 #2
I wonder what percentage of vulnerable systems run Microsoft Products? OneCrazyDiamond Nov 2021 #3

mahatmakanejeeves

(57,567 posts)
2. From the source: "Reducing the Significant Risk of Known Exploited Vulnerabilities"
Wed Nov 3, 2021, 02:57 PM

There are links within the .pdf.

Reducing the Significant Risk of Known Exploited Vulnerabilities

OVERVIEW

The impact of cybersecurity intrusions that leverage vulnerabilities in information technology and operational technology products threaten the public sector, the private sector, and ultimately the American people’s security and privacy. In 2020, industry partners identified a total of 18,358 new cybersecurity vulnerabilities, or Common Vulnerabilities and Exposures (CVEs). Of these, 10,342—an average of 28 per day—are classified “critical” or “high severity” vulnerabilities.

Organizations across both public and private sectors struggle to find time to test and implement remediations to these vulnerabilities—such as patches and updates—across complex infrastructures. Additionally, the effort and subject matter expertise required to research the degree of risk posed by a given vulnerability makes prioritizing CVEs a challenge.

In response to these challenges, the Cybersecurity and Infrastructure Security Agency (CISA), via Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities, has created—and published on CISA.gov—a living catalog of known exploited vulnerabilities that carry significant risk. Approximately 200 vulnerabilities from 2017-2020 and 90 from 2021 make up the initial publication. CISA will regularly update the catalog with new known exploited vulnerabilities that meet specified thresholds.

{snip}