On October 3, 2022 the Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive 23-01 – Improving Asset Visibility and Vulnerability Detection on Federal Networks, a compulsory order intended to “make measurable progress toward enhancing visibility into agency assets and associated vulnerabilities.” BOD 23-01 mandates that Federal Civilian Executive Branch (FEEB) agencies complete a series of required actions within six months, or by April 3, 2023.

Forescout’s Vedere Labs latest research report is the first systematic study into deep lateral movement: how advanced adversaries can move laterally among devices at the controller level – also known as Purdue level 1 or L1 – of OT networks.