Federal civilian agencies have a new list of cyber-related requirements to address after the Cybersecurity and Infrastructure Security Agency on Tuesday issued guidance regarding the implementation of secure practices for cloud services. CISA’s Binding Operational Directive (BOD) 25-01 instructs agencies to identify all of its cloud instances and implement assessment tools, while also making sure that their cloud environments are aligned with the cyber agency’s Secure Cloud Business Applications (SCuBA) configuration baselines. CISA Director Jen Easterly said in a statement that the actions laid out in the directive are “an important step” toward reducing risk across the federal civilian enterprise, though threats loom in “every sector.” https://lnkd.in/dBeFrCFz
