Why Everyone Needs to Take the Latest CISA Directive Seriously

2021-12-03 01:23

Each agency has its own operational and technology teams that are not under the direct control of CISA - and that's where the CISA directives come in.

A CISA directive is intended to compel tech teams at federal agencies to take certain actions that CISA deems necessary to ensure safe cybersecurity operations.

To start, take a step back and think about CISA's reasoning before you simply dismiss its latest directive.

Big, obvious, known vulnerabilities such as those listed in the CISA directive can lie waiting for an attacker to exploit simply because tech teams never fixed it.

So what the CISA directive is really saying is that practical realities mean that there's an ocean of vulnerabilities that are simply not getting addressed and which are leading to successful exploits.

That's what the CISA directive really means.... Whether you're in government or the private sector, a rethink is needed because vulnerabilities are piling up so rapidly.

News URL

https://thehackernews.com/2021/12/why-everyone-needs-to-take-latest-cisa.html

#cisa