The Biden administration on Wednesday issued a sweeping new order mandating that nearly all federal agencies patch hundreds of cybersecurity vulnerabilities that are considered major risks for damaging intrusions into government computer systems.
The new requirement is one of the most wide-reaching cybersecurity mandates ever imposed on the federal government. It covers about 200 known security flaws identified by cybersecurity professionals between 2017 and 2020 and an additional 90 discovered in 2021 alone that have generally been observed being used by malicious hackers. Those flaws were listed in a new federal catalog as carrying "significant risk to the federal enterprise."
The directive—released by Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security, which issued the order—applies to all executive branch departments and agencies except for the Defense Department, the Central Intelligence Agency and the Office of the Director of National Intelligence. Cybersecurity for civilian federal agencies is typically managed separately from the military and national security agencies.
From The Wall Street Journal
View Full Article