A new binding directive gives U.S. agencies just 15 days as opposed to 30 days to remediate critical flaws on their systems. Vulnerabilities that are merely high in severity, meanwhile, must be remediated within 30 days after detection. The directive comes as the government pushes for further security measures across various agencies. Security experts praised the initiative, but argued that the directive could go even further in trying to quickly stamp out vulnerabilities across governmental organizations. The federal government in March stepped up its game with proposals of budget line items that would requisition nearly $11 billion for cyber initiatives.
Source: https://threatpost.com/dhs-deadline-gov-agencies-fix-critical/144269/