Since the original issuance of ED 21-02, Microsoft has developed new tools and techniques to aid organizations in investigating whether their Microsoft Exchange servers have been compromised,” CISA wrote in the supplemental. “CISA is directing additional actions to identify compromises that may remain undetected. The supplemental directive, released March 31, said these additional steps are necessary despite a successful federal response to the threat.įederal News Network's CX Exchange: Join us over two afternoons, April 26 and 27, where we will explore the technology, policy and processes that underpin agency efforts to serve the public, businesses and the government’s own workforce more effectively. These new mandates come less than a month after CISA released its initial emergency directive. And then weekly, for the next four weeks, they must download and run the latest version of MSERT and only report to CISA findings that may indicate a compromise.Īdditionally, by June 28, CIOs and chief information security officers must take seven steps to harden their Microsoft Exchange Server implementations, including adding firewall, identity management and other protections. And then weekly, for the next four weeks, they must download and run the latest version of MSERT and only report to CISA.īy April 5, agency IT and cyber executives must run the current version of Microsoft Safety Scanner (MSERT) in full scan mode and report their results to the Cybersecurity and Infrastructure Security Agency (CISA). Agency chief information officers have new marching orders to further protect their systems and networks from the Microsoft Exchange vulnerability.īy April 5, agency IT and cyber executives must run the current version of Microsoft Safety Scanner (MSERT) in full scan mode and report their results to the Cybersecurity and Infrastructure Security Agency (CISA).
0 kommentar(er)
