Enabling FCEB Agencies to Enact BOD 23-01


Binding Operational Directive 23-01 applies to all IP-addressable networked assets that can be reached over IPv4 and IPv6 protocols. Most agencies have worked for many years to understand their IT assets and vulnerabilities, but few have focused on OT and IoT assets and hyperconnected facilities.

OT technologies encompass a wide range of machines and configurations, to include pumps, compressors, valves, turbines, and similar equipment, interface computers and workstations, programmable logic controllers and many diagnostics, safety, metering, and monitoring and control systems that enable or report the status of variables, processes, and operations.

With current and former federal civilian cybersecurity leaders and experts, this panel discussion dives into which technologies and networks are in scope for the BOD, how to meet its requirements, and overcome potential asset discovery and visibility challenges.

You’ll learn:

  • What federal OT networks encompass and why OT is increasingly important to protect for federal agencies
  • Nuances in IT/OT security awareness
  • How to understand and implement BOD 23-01
  • Tips and lessons learned for enacting the BOD by the deadline
  • Danielle Jablanski, OT Cybersecurity Strategist, Nozomi Networks
  • Suzanne Spaulding, Senior Advisor, Center for Strategic and International Studies
  • Branko Bokan, Cybersecurity Specialist, CISA
  • Kosta Kalpos, Director, Federal Civilian Government Affairs, Splunk 

Related Content



Binding Operational Directive 23-01

A binding operational directive (BOD) is a compulsory direction to federal, executive branch, departments and agencies for purposes of safeguarding federal information and information systems. CISA has issued BOD 23-01 with requirements that focus on two core activities essential to improving operational visibility for a successful cybersecurity program: asset discovery and vulnerability enumeration.

Request a Personalized Demo

See how easy it is to:
  • Discover all OT, IoT, ICS, IT, edge, and cloud assets on your networks
  • Gain immediate awareness of cybersecurity threats, risks and anomalies
  • Detect security incidents and respond quickly
  • Consolidate security, visibility, and management within a single platform