Cybersecurity

DHS issues new directive to protect high-value assets

cybersecurity

The Department of Homeland Security announced May 25 that it has issued a new Binding Operational Directive designed to further protect high-value assets in the federal government from cyber attacks.

Under the new directive, 18-02, federal agencies must submit to DHS an updated and prioritized list of their own high-value assets within 30 days of the order’s issuance, dated May 7. They must also identify a point of contact within the agency responsible for coordinating with DHS.

Additionally, a select number of agencies designated by the Office of Management and Budget must authorize DHS to conduct deeper assessments around risks and vulnerability and remediate any critical weaknesses identified within 30 days of notification.

“With the issuance of BOD 18-02, DHS introduces a more focused, integrated approach to addressing weaknesses across federal agency [high-value assets], facilitates ongoing collaboration across cybersecurity teams to drive timely remediation, and ensures senior executive involvement to manage risk across an agency enterprise,” wrote Jeanette Manfra, Assistant Secretary for Cybersecurity and Communications in a note accompanying the directive’s release.

The new BOD will supersede a similar directive issued in 2016.

“Based on operational insights and lessons learned, DHS is enhancing its approach to conducting these engagements to provide agencies with improved results and findings by expanding system scope, refining assessment methodologies, and using less-constrained penetration testing approaches to resemble tactics, techniques, and procedures used by advanced threat actors attempting to gain unauthorized access,” the directive read.

About the Author

Derek B. Johnson is a former senior staff writer at FCW.

Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected