The Cybersecurity and Infrastructure Security Agency has led the remediation of more than 12 million known exploited vulnerabilities across 102 government departments in the past two years, said Eric Goldstein, CISA’s executive assistant director for cybersecurity.
In a testimony before Congress on Wednesday, Goldstein detailed progress on programs such as the “no-notice” SILENTSHIELD program, which conducts penetration testing across federal entities to preempt hackers in finding serious network vulnerabilities in their systems.
Goldstein told the House Subcommittee on Cybersecurity and Infrastructure Protection that CISA was able to deploy endpoint and detection response tools to 52 government agencies, allowing them to proactively detect and evict online intruders before they can cause harm.
Its Federal Attack Surface Test program led to the discovery of 1,000 vulnerabilities in official federal websites before they could be exploited by malicious actors. The agency also published vulnerability disclosure information relevant to industrial control systems, operational technology and medical devices in its Common Security Advisory Framework.
On Nov. 15, online security will be one of the numerous issues raised at the Potomac Officers Club’s 2023 Homeland Security Summit. Join the event by registering now.
