Alex Iftimie spoke to Bloomberg Law about the Cybersecurity and Infrastructure Security Agency’s binding operational directive to drive remediation of vulnerabilities that are being “actively exploited” by bad actors.
The centralized list puts a spotlight on a “core group” of vulnerabilities among the tens of thousands that are released each year, Alex said.
“It helps agencies and the private sector focus on a core set of priority vulnerabilities that they really need to patch,” he added. “A big problem today is organizations are flooded with too much information, and it becomes unwieldy.”
Read the full article (subscription may be required).