Today, CISA issued Binding Operational Directive (BOD) 25-01, Implementing Secure Practices for Cloud Services to safeguard federal information and information systems. This Directive requires federal civilian agencies to identify specific cloud tenants, implement assessment tools, and align cloud environments to CISA’s Secure Cloud Business Applications (SCuBA) secure configuration baselines.
Recent cybersecurity incidents highlight the significant risks posed by misconfigurations and weak security controls, which attackers can use to gain unauthorized access, exfiltrate data, or disrupt services. As part of CISA and the broad U.S. government’s effort to move the federal civilian enterprise to a more defensible posture, this Directive will further reduce the attack surface of the federal government networks.
The new Directive can be found at Binding Operational Directive (BOD) 25-01. To learn more about CISA Directives, visit Cybersecurity Directives webpage.
Today, CISA and the Office of the National Cyber Director (ONCD) published Playbook for Strengthening…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of…
Today, CISA released Mobile Communications Best Practice Guidance. The guidance was crafted in response to…
CISA released eight Industrial Control Systems (ICS) advisories on December 19, 2024. These advisories provide…
Fortinet released a security update to address a vulnerability in FortiManager. A remote cyber threat…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of…
This website uses cookies.