With new generations of AI models fueling both rapid software vulnerability discovery and the potential for faster exploitation by malicious hackers, the United States Cybersecurity and Infrastructure Security Agency released a new directive on Wednesday that requires more rapid and efficient software patching by federal civilian agencies. The “binding operational directive” (BOD) lays out a rubric for how quickly bugs must be fixed based on four assessments of urgency, with a turnaround time in critical cases of just three days.
Chris Butera, CISA’s acting executive assistant director for cybersecurity, told reporters on Wednesday that the goal of the directive is to help agencies prioritize, so they can address the most problematic vulnerabilities first while taking more time to remediate bugs that pose a less-pressing risk. The directive comes as private companies and governments have been scrambling to assess the extent of the cybersecurity reckoning that AI vulnerability and exploit development capabilities could unleash.
“Prioritizing IT and security operations attention on the most at-risk assets is particularly important now given advancements in artificial intelligence, which allow threat actors to find and exploit vulnerabilities in [federal] assets,” Butera said on Wednesday. “Defenders cannot afford to take weeks to patch systems that can be autonomously exploited en masse.”
The CISA directive’s criteria for evaluating patch urgency includes looking at whether a vulnerability is in a system that is publicly exposed, whether the bug is listed in CISA’s Known Exploited Vulnerabilities Catalog, whether an attacker could automate all of the steps to exploit the vulnerability, and how much access an attacker would get to the target if the bug were exploited. A vulnerability where all four points apply must be fixed within three days, according to the new directive, and the agency must also execute a “forensic triage” process to determine whether systems have already been compromised.
The directive supersedes two previous CISA orders related to patching timelines for urgent vulnerabilities—one from 2019 and one from 2021. Those established a framework in which the most critical bugs had to be patched within 15 days of detection and another class of high-urgency vulnerability had to be remediated within 30 days. And both encouraged faster patching for severe flaws when possible. Even before the AI era, in 2021, CISA wrote that “threat actors are extremely fast to exploit their vulnerabilities of choice: of those 4% of known exploited [vulnerabilities], 42% are being used on day 0 of disclosure; 50% within 2 days; and 75% within 28 days.”
US federal cybersecurity has improved significantly over the past decade, but it still often lags, thanks to funding shortfalls and competing priorities. CISA’s Butera said that the agency developed the new assessment rubric and the directive more broadly with these limitations in mind. He noted, for example, that the three-day deadline for the most urgent vulnerabilities isn’t, say, 24 hours, because such a short timeframe would not be feasible for most agencies.
New AI capabilities are already changing the landscape of vulnerability detection and bug hunting. And as this spurs new urgency in patching, many researchers have started to conclude, essentially, that no amount of patching will be enough—and that the software development community globally must work to adopt new, architectural or systemic approaches to invalidating whole classes of vulnerabilities at a time.
“CISA’s directive has its heart in the right place, but it only tackles half the challenge,” says Emily Long, CEO of the cloud security firm Edera. “If your architecture doesn’t limit what an attacker can reach after a breach, you’re just running faster on the same treadmill. Patching will always be important, but we should be talking more about containment by design.”
CISA’s Butera seemed to acknowledge this evolution on Wednesday. The new directive “is an initial step to counter the increased capabilities of emerging AI models,” he says. “Yet there is still more work to do.”