“Threat actors continue to target our nation’s critical infrastructure and government networks to exploit weaknesses within unknown, unprotected or under-protected assets. Knowing what’s on your network is the first step for any organization to reduce risk. While this directive applies to federal civilian agencies, we urge all organizations to adopt the guidance in this directive to gain a complete understanding of vulnerabilities that may exist on their networks. We all have a role to play in building a more cyber resilient nation.”
CISA Directive Casts Wider Net
CISA asserts that the directive will significantly increase visibility into assets and vulnerabilities across the federal government. As such, the directive is intended to improve capabilities by both CISA and each agency to detect, prevent, and respond to cybersecurity incidents and better understand trends in cybersecurity risk.While the directive is a mandate for federal civilian agencies, CISA recommends that private businesses and state, local, tribal and territorial (SLTT) governments review it and prioritize implementation of rigorous asset and vulnerability management programs.CISA Marks Cybersecurity Awareness Month
In other CISA news, the agency recognized October as Cybersecurity Awareness Month. Correspondingly, a proclamation by President Biden designates October “as a time for the public and private sectors to work together to continue raising awareness about the importance of cybersecurity and equip the American people with the resources needed to be safer and more secure online.”Throughout October, CISA, in partnership with the National Cybersecurity Alliance (NCA), will focus on what it means to “See Yourself in Cyber” by highlighting the actions that all Americans can take to raise the baseline for cybersecurity across the country.Easterly urged the nation to become more cyber resilient:“To build a more resilient nation, everyone… has a role to play, which is why our theme for this year’s Cybersecurity Awareness Month is 'See Yourself in Cyber.’ This October, we are taking this message directly to the American people because whether you’re a network defender or anyone with an internet connection, we all have a role to play in strengthening the cybersecurity of our nation.
“Throughout the month, CISA will be engaged with communities across the country to promote cyber hygiene — simple but effective ways to keep Americans safe online through basic steps like enabling multi-factor authentication; using strong passwords and a password keeper; recognizing and reporting phishing; and promptly updating software. Together, we will make better cybersecurity a reality.”