NextGov: In November, the Cybersecurity and Infrastructure Security Agency issued a draft directive that would require civilian agencies to work with security researchers to find vulnerabilities on their websites. The policy is now final, according to Rep. Jim Langevin, D-R.I.
“CISA has finalized their BOD 20-01 and it is coordinating with [the Office of Management and Budget] on issuance,” Langevin said in an interview with Nextgov. “The current plan is for OMB to release their policy first, followed by CISA's directive shortly thereafter.”
The most significant government policy, business, and technology news and analysis delivered to your inbox.Subscribe Now