After Log4j and SolarWinds, CISA tells agencies to routinely scan networks for devices, potential bugs

Agencies are starting out Cybersecurity Awareness Month with a new directive to routinely scan their networks for new devices and potential cyber vulnerabilities after recent high-profile cyber incidents exposed a lack of real-time visibility into federal networks.The Cybersecurity and Infrastructure Security Agency issued a binding operational directive on Monday for “improving asset visibility and vulnerability detection on federal networks.” The goal of the mandate, it states, is to “make measurable progress toward enhancing visibility into agency assets and associated vulnerabilities.”