At a glance.
- CISA issued Binding Operational Directive 23-01.
- LAUSD says ransomware operators missed most sensitive PII.
- API protection report describes malicious transactions.
- Analysis of cyber risk in relation to SaaS applications.
- Review: Russian cyber operations have achieved nuisance-level effects.
- Reports of dissident hacktivism in Russia.
CISA issued Binding Operational Directive 23-01.
CISA opened the US Federal Fiscal Year with Binding Operational Directive 23-01, "Improving Asset Visibility and Vulnerability Detection on Federal Networks." The Directive specifies desired outcomes for asset visibility and vulnerability detection without prescribing the steps Federal Executive Civilian Agencies need to take to comply. The key compliance deadline is April 3, 2023.