DHS Tasks Agencies to Comply With ‘Cyber Hygiene’ Directive

The Department of Homeland Security released a binding operational directive on Monday urging federal agencies to continue complying with regulation that requires periodic assessments of critical network vulnerabilities.

BOD 19-02 is directing agencies to take action based on the Cybersecurity and Infrastructure Security Agency’s “Cyber Hygiene” reports under BOD 15-01, which was issued in 2015 to fortify the federal government’s security posture.

BOD 15-01 requires federal agencies to address the vulnerabilities of their internet-facing systems as identified in their Cyber Hygiene reports within 30 days.  As part of the new directive, DHS requires agencies to ensure that critical vulnerabilities identified in Cyber Hygiene reports are remediated within 15 days and high vulnerabilities within 30 days. 

Agencies are also required to ensure that Cyber Hygiene personnel have access to scan their networks. CISA will provide agencies with a remediation plan for overdue corrective actions if the deadline was not followed.

CISA works with the National Cybersecurity and Communications Integration Center as well as the Office of Management and Budget to identify critical cyber vulnerabilities and allocate proper resources for agencies in need of cybersecurity assistance.

You may also be interested in...

Anthony Iasso

Anthony Iasso Named Xator CTO; CEO David Scott Quoted

The Xator Corporation announced on Friday that Anthony Iasso has been appointed the company’s new chief technology officer. Xator CEO David Scott elaborated that Iasso would take advantage of Xator’s key investments in the company’s acquisitions and tech capabilities to further propel its solution offerings for its customers.