Sign In

Communications of the ACM

ACM News

Biden Administration Orders Federal Agencies to Fix Hundreds of Cyber Flaws

View as: Print Mobile App Share:
Headquarters of the U.S. Department of Homeland Security

The U.S. Department of Homeland Security has previously imposed cybersecurity mandates on government agencies.

Credit: Ting Shen for the Wall Street Journal

The Biden administration on Wednesday issued a sweeping new order mandating that nearly all federal agencies patch hundreds of cybersecurity vulnerabilities that are considered major risks for damaging intrusions into government computer systems.

The new requirement is one of the most wide-reaching cybersecurity mandates ever imposed on the federal government. It covers about 200 known security flaws identified by cybersecurity professionals between 2017 and 2020 and an additional 90 discovered in 2021 alone that have generally been observed being used by malicious hackers. Those flaws were listed in a new federal catalog as carrying "significant risk to the federal enterprise."

The directive—released by Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security, which issued the order—applies to all executive branch departments and agencies except for the Defense Department, the Central Intelligence Agency and the Office of the Director of National Intelligence. Cybersecurity for civilian federal agencies is typically managed separately from the military and national security agencies.

From The Wall Street Journal
View Full Article



No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account