The US Cybersecurity and Infrastructure Security Agency (CISA), in charge of leading national cybersecurity and infrastructure resilience programs, wants a change to federal law that would allow it to inspect systems behind ISPs and notify them to fix problems.
The Department of Homeland Security, which oversees CISA, wants to learn about vulnerable systems before they become a security problem. But it still needs to go through the local federal agency to obtain a subpoena that can be used to oblige ISPs to provide data regarding their customers. Federal agencies won’t serve a subpoena unless an investigation is ongoing.
