Hackers are targeting U.S. critical infrastructures and CISA Is seriously worried about Government agencies getting hacked. They ordered Federal Agencies to Regularly Track Network Assets and Vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new Binding Operational Directive (BOD 23-01 ) that directs federal agencies in the country to keep track of assets and vulnerabilities on their networks six months from now.
They are tasked with two sets of activities:
- Asset discovery and
- Vulnerability enumeration
This involves carrying out automated asset discovery every seven days and initiating vulnerability enumeration across those discovered assets every 14 days.