[TheRecord] White House to federal agencies: Step up your endpoint monitoring

Federal agencies will be required to give the Office of Management and Budget and the Cybersecurity and Infrastructure Security Agency (CISA) details about how they gather and analyze threat-related information from their computer workstations and other endpoints, something known as endpoint detection and response, or EDR.

In a memo released late Friday, OMB Director Shalanda Young told agencies that they would need to assess the state of their endpoint detection and response and coordinate their efforts with CISA so there can be a more standard response to cyber threats across the federal government. The directive is part of a broader effort by the Biden administration to make federal government more proactive and less reactive to potential cyber attacks.

“EDR will improve the Federal Government’s ability to detect and respond to increasingly sophisticated threat activity on federal networks,” Young said in the memo, adding that she is seeking more early detection, remediation, and advanced technologies to protect government networks.

EDR combines real-time continuous monitoring of networks and the collection of endpoint data — from things like workstations, mobile devices, and servers — with automated responses and analysis, which allows network administrators and security officials to respond more quickly to threats like phishing attacks, polymorphic malware (which is constantly changing in order to evade detection), and nation state actors.

The memo said federal agencies will have 120 days to assess the status of their current capabilities, and then coordinate with CISA to fill any gaps they might find. The idea is to enable security officials to hunt for possible threats before they become full-fledged attacks. 

The post White House to federal agencies: Step up your endpoint monitoring appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SecurityWeek] Cruise Giant Carnival Says Customers Affected by Breach

All posts, Security Week

Carnival Corp. said Thursday that a data breach in March might have exposed personal information about customers and employees on Carnival Cruise Line, Holland America Line and Princess Cruises. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[NCSC-NL] NCSC-NL publishes factsheet PKIoverheid is changing: Coordinate the necessary changes in your ICT processes

All posts, NCSC-NL

In the coming months, changes will take place in the PKIoverheid system, in order to resolve an issue that was discovered in July. In the meantime, the certificate issuers have started replacing PKIoverheid leaf certificates. Source: Read More (National Cyber Security Centre – News items)

Read More

[SecurityWeek] Israel Says It’s Targeting Hamas’ Cryptocurrency Accounts

All posts, Security Week

Israel said Thursday it will begin seizing cryptocurrency accounts used by the Palestinian Hamas group to raise money for its armed wing. read more Source: Read More (SecurityWeek RSS Feed)

Read More