# CISA orders federal agencies to “patch smarter”

> Source: <https://www.helpnetsecurity.com/2026/06/11/cisa-risk-based-vulnerability-management-government/>
> Published: 2026-06-11 16:06:11+00:00

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a Binding Operational Directive that will change how the US federal government approaches vulnerability management. The directive arrives as the patching problem has become nearly unmanageable, driven by a surge in newly published vulnerabilities and by AI tools that are accelerating both security research and exploit development on the attacker side. Towards risk-based vulnerability management BOD 26-04 introduces a framework that allow federal civilian Executive … [More ](https://www.helpnetsecurity.com/2026/06/11/cisa-risk-based-vulnerability-management-government/)

The post [CISA orders federal agencies to “patch smarter”](https://www.helpnetsecurity.com/2026/06/11/cisa-risk-based-vulnerability-management-government/) appeared first on [Help Net Security](https://www.helpnetsecurity.com).