In the news: CISA Directive Requires Federal Agencies to Secure Network Devices; SUSE Report Reveals Cloud Security Concerns; Canonical Sunbeam Extends OpenStack to Small Cloud Environments; IT Teams Struggle with Cloud Operations; NVIDIA Announces Large Memory AI Supercomputer; PostgreSQL 16 Beta; Red Hat Announces Ansible Lightspeed AI Service; Global Tech Adoption Trends from the World Economic Forum; and CIQ Announces New Infrastructure Management Platform.
CISA Directive Requires Federal Agencies to Secure Network Devices
A new CISA directive requires agencies to "take steps to reduce the attack surface created by insecure or misconfigured management interfaces across certain classes of devices."
The Binding Operational Directive 23-02 (https://www.cisa.gov/news-events/directives/binding-operational-directive-23-02), which outlines the steps required for compliance, defines a networked management interface as "a dedicated device interface that is accessible over network protocols and is meant exclusively for authorized users to perform administrative activities on a device, a group of devices, or the network itself."
"Recent threat campaigns underscore the grave risk to the federal enterprise posed by improperly configured network devices," the directive states.
SUSE's "Securing the Cloud" trend report reflects industry concerns around cloud security, as "88 percent of professionals agreed that if they were certain about the integrity of
...
Use Express-Checkout link below to read the full article (PDF).
In the news: Red Hat Announces Ansible Lightspeed with IBM watsonx Code Assistant; Dell APEX Cloud Platform for Red Hat OpenShift Announced; NSA Offers Best Practices for OSS in Operational Technology Environments; Civil Infrastructure Platform Adds New Super-Long-Term Linux Kernel; HTTP/2 Protocol Exploited in Largest DDoS Attack Ever; Docker Announces Three New Products for Secure App Delivery; CloudBees Updates Jenkins and Offers New DevSecOps Platform; Linkerd 2.14 Released with Improved Multi-Cluster Support; NIST Releases Draft of Cybersecurity Framework v2.0; CISA and MITRE Announce Open Source Caldera for OT
In the news: NIST Updates Cybersecurity Framework; Poor Cloud Security Practices Put Organizations at Risk; ORNL and NOAA Launch New Supercomputer for Climate Research; DOE Envisions New High Performance Data Facility; VMware Updates Tanzu with New Security Features; Microsoft Launches AI-Powered Security Copilot; IBM Deploys First Quantum Computer Dedicated to Healthcare Research; LPI Announces IT Security Essentials Certification
In the news: CIQ Offers Long-Term Support for Rocky Linux on AWS; Apple's PQ3 Brings Post-Quantum Security to iMessage; Google Open Sources Magika File-Type Detection System; Microsoft Announces Sudo for Windows; Linux Foundation Launches Post-Quantum Cryptography Alliance; Sys Admins Saw the Biggest Average Salary Increase in 2023, According to Dice; Use of Open Source Software Increased Significantly in 2023; Docker Build Cloud Announced; Wi-Fi CERTIFIED 7 Announced; EU Commissions Nostradamus Project for Quantum Testing; and NIST Identifies Main Types of Adversarial Machine Learning Threats, GitLab Announces Critical Security Releases.
