OMB orders federal agencies to let CISA access defenses of devices, servers

Written by Oct 11, 2021 | CYBERSCOOP

The White House is directing agencies to let the Cybersecurity and Infrastructure Security Agency work with them on their efforts to protect endpoints, such as computer workstations and servers — an area where officials have said the federal government fell short in the SolarWinds hack.


The Office of Management and Budget issued a memo on Friday that sets a 90-day deadline for CISA, the main cyber wing of the Department of Homeland Security, to access agencies’ current endpoint detection and response deployments. It then spells out timelines for other steps to improve their endpoint defenses.


OMB says the goal is to establish “improved agency capabilities for early detection, response, and remediation of cybersecurity incidents on their networks, using advanced technologies and leading practices.”


The memo is an outgrowth of President Joe Biden’s cybersecurity executive order from May. And the focus on endpoints reflects one of the main takeaways from a March Senate hearing where then-CISA Director Brandon Wales said the agency wasn’t equipped to catch today’s hackers, like the SolarWinds perpetrators who compromised nine federal agencies, hopping from server to server to avoid notice.


OMB’s memo directs agencies to take other actions within 90 days. CISA must develop a method for continuously evaluating the effectiveness of agencies’ endpoint detection capabilities. CISA will work with the Chief Information Officer Council to recommend endpoint detection improvements and agencies.


..

Support the originator by clicking the read the rest link below.