The Cybersecurity and Infrastructure Security Agency (CISA) has announced plans to extend its Continuous Diagnostics and Mitigation (CDM) program to include operational technology (OT). The CDM program aims to provide federal agencies with the tools and capabilities necessary to identify and mitigate cybersecurity risks. Traditional IT endpoints already form part of the program, but extending it to include OT will allow for non-traditional or operational technology to be monitored and secured. This move is part of a broader government effort to better manage and secure non-traditional systems such as industrial control systems, building management systems, and other connected devices. The CDM program plans to focus on improving asset management, automating FISMA metrics reporting, and rolling out endpoint detection and response capabilities.
CISA ready to rock CDM program in the world of OT
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-109.png)
Latest from News
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-123-720x480.png)
UK Firms Unite for Cybersecurity Success
TLDR: Yahoo is part of the Yahoo brand family, which includes Yahoo and AOL. When using Yahoo sites and applications, Cookies are used for
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-14-720x480.jpg)
PKfail vulnerability lets hackers install UEFI malware on 200+ devices
TLDR: PKfail vulnerability affects over 200 device models, compromising Secure Boot. Exploiting the vulnerability allows attackers to install UEFI malware. Article Summary: The PKfail
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-121-720x480.png)
OpenStack Nova flaw lets hackers infiltrate cloud servers without permission
TLDR: A vulnerability in OpenStack’s Nova component, tracked as CVE-2024-40767, allows hackers to gain unauthorized access to cloud servers. The vulnerability affects multiple versions
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-40-720x480.jpg)
CrowdStrike alert: New phishing scam targets German customers
TLDR: – CrowdStrike warns of a new phishing scam targeting German customers. – Malicious installers distributed via a fake website impersonating a German entity.
![](https://cybersecuritypeek.com/wp-content/uploads/2024/01/cybersecurity-images-36-720x480.jpg)
Beware: NKorea Cyber Op Targets Military, Nuclear Secrets in UK, US, SKorea
Article Summary TLDR: UK, US, and S. Korea issued a warning about a North Korea-backed cyber espionage campaign The group Andariel has been targeting