“The Department of Homeland Security has the authority to compel federal agencies to address cybersecurity threats. In recent years DHS has issued Binding Operational Directives to require agencies to stay current with patches for critical vulnerabilities, protect high value assets, remove Kaspersky software from government networks and defend against email and website spoofing.”
“Early on, the agency determined that BODs were best suited as a tool to set baseline cybersecurity standards for vulnerabilities that were pervasive throughout government. With the exception of a 2017 directive to purge Kaspersky Lab products from federal networks, every directive was crafted to address enterprise security problems that had a broad impact on civilian agencies.” Read the full article here.
Source: DHS grapples with cyber enforcement – By Derek B. Johnson, March 12, 2019. FCW.Tags: DHS Information Security XTRA