New CISA directive will reshape how agencies prioritize cyber risks, official says

The Cybersecurity and Infrastructure Security Agency plans to release a binding directive on Wednesday that tasks the federal government with rethinking how it manages risks to its networks and prioritizing cyber vulnerabilities that demand the most urgency, agency acting director Nick Andersen said.The goal is to push agencies to focus less on the sheer number of known cyber vulnerabilities and more on the risks those flaws pose if they’re exploited by hackers, said Andersen, who added th