New CISA Operational Directive Strengthens Cyber Defenses for Federal Networks

February 14, 2023

CISA has issued a new Operational Directive aimed at strengthening federal networks’ cyber defenses. As the article outlines, the directive is part of a larger effort by the agency to address the challenges posed by Russia’s state-sponsored attacks on critical infrastructure. In addition, the DHS has recognized the need to increase its ability to monitor distributed environments to find and remediate vulnerabilities. The agency has also found it difficult to attract and retain skilled cybersecurity personnel to fill positions.

Understanding and Mitigating Russian State-Sponsored Cyber Threats to US Critical Infrastructure

There is a growing threat of malicious cyber activity from Russia against US critical infrastructure. This is especially true as tensions rise in Eastern Europe. It is imperative that all organizations raise their cyber resilience to withstand attacks.

Russian state-sponsored actors have been using malware and other tactics to target and disrupt critical infrastructure in the U.S. The cyber threat is now more pervasive, so all organizations must accelerate their plans to increase their cyber resilience.

The Russian Federal Security Service (RFSS), a successor agency to the former Soviet KGB, has targeted several critical infrastructure organizations, including utilities, energy companies, aviation networks, and transportation companies. They have also been conducting spearphishing campaigns to steal credentials and gain access to targeted networks.

The Russian Foreign Intelligence Service (“SVR”) has also been involved in targeting critical infrastructure organizations. They bypass multi-factor authentication on cloud accounts, allowing them to access systems with minimal effort. They have also conducted large-scale scanning of servers to find vulnerable systems.

Recruiting and retaining cyber talent has been a long-term challenge at DHS

The Department of Homeland Security (DHS) has been facing a long-term challenge of recruiting and retaining cyber talent. But the agency has recently taken steps to improve the process.

DHS’s new talent acquisition system, called the “Cybersecurity Talent Management System” or CTMS, is designed to get new employees onboard more quickly. It also includes a new compensation system.

This system allows DHS to reorganize its hiring process, allowing the agency to bypass the usual job posting requirements. Instead, prospective employees will be required to demonstrate their expertise through a competency-based assessment. It will also require them to submit a real-world simulation.

DHS hopes that the new program will encourage employers to recruit candidates with diverse backgrounds. DHS plans to work with minority-serving institutions, and it will offer career development opportunities to help women and underrepresented groups enter the workforce.

The DHS Intelligence and Cybersecurity Diversity Fellowship Program offers students a paid internship. The goal is to attract qualified college students to the cybersecurity industry.

Increasing visibility across distributed environments to remediate vulnerabilities

There is a lot of hype about the Internet of Things (IoT) and cloud computing, but if you are looking to make the leap into the cloud, you should first consider your cybersecurity posture. Many companies have workloads in multiple cloud locations and are susceptible to attack because of this. Fortunately, there are several tools that can help you increase visibility across distributed environments and mitigate risks, such as VMware’s Vulnerability Management and Skybox’s Security Posture Management.

For example, one of the most important steps in securing a cloud environment is to collect data on your network. You can do this through a variety of methods, but the most efficient approach is to leverage APIs. This allows you to connect to various cloud services without the need for manual intervention.

Another important step in achieving your cloud security goals is to implement identity management controls. This is especially important when you are deploying a hybrid cloud infrastructure. This will also help you minimize your overall risk profile.

Cross-agency collaboration is challenging

Efforts to improve the effectiveness of federal cyber defenses through cross-agency collaboration are crucial. While there are many advantages to these collaborative approaches, there are also some potential challenges.

For starters, the federal government has limited resources and suffers from several classification and budget limitations. These constraints have resulted in a lack of institutional capacity for collective defense. In addition, several silos have limited communication and coordination between agencies. The challenge for federal cyber defenses is to create a system that is able to quickly analyze and respond to cyber threats.

To address these challenges, the federal government has started a project to implement a collaborative defense approach. Researchers from the Cyber Project, funded by the Technology Modernization Fund, conducted interviews with a variety of actors from the federal government, state government, and private sector. They pored over existing research and incorporated lessons from the Team of Teams and Cyberspace Solarium Commission reports.

Ammar Fakhruddin

ABOUT AUTHOR

Ammar brings in 18 years of experience in strategic solutions and product development in Public Sector, Oil & Gas and Healthcare organizations. He loves solving complex real world business and data problems by bringing in leading-edge solutions that are cost effective, improve customer and employee experience. At Propelex he focuses on helping businesses achieve digital excellence using Smart Data & Cybersecurity solutions.

