Scroll Top

Episode 29: Federal Vulnerability Scanning Mandates 2022

The United States’ Cybersecurity & Infrastructure Security Agency is implementing a series of regulations regarding asset vulnerability and scanning to advance their leadership within the cybersecurity landscape. In this episode, Andy Richter and Dan Lohrmann close out Cyber Security Awareness month by discussing how this will affect actors in the private sector, local and state governments. 

Once you’re done listening to the episode, you can follow these links to learn more specifics about the mandates and their implementation:

https://www.govtech.com/blogs/lohrmann-on-cybersecurity/three-cybersecurity-surprises-from-state-security-chiefs

https://www.cisa.gov/binding-operational-directive-23-01

https://www.cybersecuritydive.com/news/cisa-mandates-agencies-software-vulnerabilities/633274/

https://www.theregister.com/2022/10/04/cisa_software_vulnerability_directive/

https://www.gsa.gov/cdnstatic/Vulnerability-Management-Process-%5BCIO-IT-Security-17-80-Rev-2%5D-12-30-2021docx.pdf

https://www.fedramp.gov/assets/resources/documents/CSP_Vulnerability_Scanning_Requirements.pdf

 

To hear this interview and many more like it, subscribe on Apple Podcasts, Spotify, or search for The Digital Decode in your favorite podcast player.