The forthcoming mandate aims to triage vulnerabilities by real-world consequences of a successful cyberattack, marking a major shift in how the government decides which cyber risks demand attention first.
Roberto Schmidt/Getty Images
By
David DiMolfetta,Cybersecurity Reporter, Nextgov/FCW
By
David DiMolfetta
Federal government will be directed to plan first to ward off the most devastating attacks.
The move is part of CISA’s response “to the current threat landscape where AI software services can assist threat actors to find…
The new directive gives federal agencies three days to fix the most dangerous flaws, while less severe issues can be deferred.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced a new Binding Operational Directive, 26-04, that…
CISA’s new BOD 26-04 requires federal agencies to prioritize the remediation of vulnerabilities in the KEV catalog, based on risk.
Officials have considered having the Cybersecurity and Infrastructure Security Agency leverage the advanced AI model that was…
