Fact-check: The article is sourced from CISA's official alerts, which aligns with their role in the 'Critical Infrastructure' situation, and the claims about the report's release and content are consistent with NIST and CISA's ongoing cybersecurity collaborations. The details on the executive order and shared responsibilities are standard and verifiable through government resources. No contradictions were found in cross-referencing with current events.
NIST and CISA Release Draft Interagency Report on Protecting Tokens and Assertions from Tampering Theft and Misuse for Public Comment
CISA and NIST have released a draft Interagency Report (IR 8597) for public comment, addressing the protection of identity tokens and assertions from forgery, theft, and misuse in cloud environments. The guidance responds to a White House executive order on cybersecurity and is aimed at federal agencies and cloud service providers. It covers identity access management controls, Secure by Design principles, and clarifies shared responsibilities between CSPs and government consumers. Public commen