The Record reports a federal mandate that is likely to give a lot of agencies major headaches in compliance:
Federal civilian agencies have been ordered to remove end-of-life devices within 12 months due to widespread exploitation campaigns by sophisticated hackers.
The U.S. cyber defense agency issued an operational directive on February 5 mandating federal agencies to “remove any hardware and software devices that is no longer supported by its original equipment manufacturer.”
“Unsupported devices pose a serious risk to federal systems and should never remain on enterprise networks,” said Cybersecurity and Infrastructure Security Agency (CISA) Acting Director Madhu Gottumukkala.
Read more at The Record.
Related: BOD 26-02: Mitigating Risk From End-of-Support Edge Devices
