Product Talk – CISA's BOD 26-04 Directive Explained, E26
Download MP3CISA's BOD 26-04 replaces severity-based patching with an exploit-evidence model and remediation clocks as short as three days, fleet-wide, no exceptions. Peter Pflaster and Jason Kikta unpack the four urgency signals, the 16-row decision tree, and the shift from "justify the patch" to "justify why you can't." They also cover what it means for contractors, cyber insurance, and the future of Patch Tuesday.
If you own patching or vulnerability management, start here.
If you own patching or vulnerability management, start here.
Creators and Guests
Host
Jason Kikta
Jason Kikta is the Chief Technology Officer at Automox, where he leads the Product, Engineering, and IT/Security organizations. He has over 30 years of experience in IT, beginning with independent consulting and spanning more than two decades of military service, building and operating communications networks across the globe. During seven years at US Cyber Command’s Cyber National Mission Force, he focused on countering state actors and ransomware threats to critical infrastructure. Jason is an adjunct lecturer for the Alperovitch Institute at Johns Hopkins SAIS and an adjunct senior technical advisor to the Institute for Security and Technology, focused on AI, cybersecurity, and ransomware.
Host
Peter Pflaster
When it comes to peeling back the layers of Automox's endpoint management software, Peter Pflaster is at the ready. His approach as the Senior Manager of Product Marketing is to dive deep into the product's core, explore every feature and use case, and relay in accessible terms Automox’s transformative impact on businesses. On the ProductTalk podcast, alongside Steph Rizzuto, Peter turns complex product details into engaging, understandable content. His expertise isn't just informative — it empowers IT professionals to unlock the full potential of their operations, making him an invaluable piece of the IT puzzle.
