The Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI and international partners, released a cybersecurity advisory (CSA) today to warn about the ongoing exploitation of multiple vulnerabilities within the Ivanti Connect Secure and Ivanti Policy Secure gateways. […]

Government agencies and private sector firms need to boost their cybersecurity capabilities to keep pace with increasing threats and should turn to AI and quantum computing for help in pursuing that goal, Federal cybersecurity experts said today at the Visualyze Zero Trust Security Summit hosted by MeriTalk and Gigamon in Washington, D.C […]

The Cybersecurity and Infrastructure Security Agency (CISA) – along with the UK National Cyber Security Centre (NCSC) and other international partners – has released a joint advisory warning of tactics and techniques used by alleged Russian Foreign Intelligence Service (SVR) hackers to infiltrate cloud systems. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has given its Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force another two-year term to continue its work on creating solutions for managing global ICT supply chain risk. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is moving to consolidate disparate zero trust security policy functions into a new single office at the agency. […]

The Cybersecurity and Infrastructure Security Agency (CISA) issued 2024 Priorities today for its Joint Cyber Defense Collaborative (JCDC) – aligning its priorities for the first time under three focus areas to help establish resources required and strategic direction. […]

As polls across the United States begin to open for the 2024 election cycle, the Cybersecurity and Infrastructure Security Agency (CISA) is warning election officials of the role generative AI could play in threatening election infrastructure. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has released nine new Industrial Control Systems (ICS) advisories that the agency says will “provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.” […]

The Cybersecurity and Infrastructure Security Agency (CISA) is looking to test the technical capabilities of teams and individuals in its fifth annual 2024 President’s Cup Cyber Competition, where teams will be pitted against each other in a competition to recognize and reward some of the very best in the cybersecurity world.’ […]

The Department of Homeland Security (DHS) is looking for information that will support the agency’s Advanced Analytics Platform For Machine Learning (CAP-M) Project – a program under development at the Cybersecurity Infrastructure Security Agency (CISA) – to support new software and tools in a multi-tenant cloud environment. […]

The Cybersecurity and Infrastructure Security Agency (CISA) on Dec. 15 released the results of a January 2023 Risk and Vulnerability Assessment (RVA) performed on an unidentified organization in the Healthcare and Public Health (HPH) sector that found exploitable misconfigurations and the use of weak passwords, among other cybersecurity weaknesses. […]

The Cybersecurity and Infrastructure Security Agency (CISA) issued a formal request for information (RFI) in the Federal Register today looking for feedback on its secure-by-design software practices. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is pushing equipment and software manufacturers to eliminate the use of default passwords in their products. […]

The National Security Agency (NSA), the Office of the Director of National Intelligence (ODNI), and the Cybersecurity and Infrastructure Security Agency (CISA) have released a new report providing guidance on industry best practices on open source software and software bills of materials (SBOM). […]

As cyber threats continue to evolve in complexity, collaboration is more crucial than ever and serves as the “fuel” of cyber operations, according to David Carroll, associate director for mission engineering at the Cybersecurity and Infrastructure Security Agency (CISA). […]

Lawmakers and industry leaders on Tuesday highlighted ways the Cybersecurity and Infrastructure Security Agency (CISA) should seek to secure artificial intelligence (AI) technologies, starting with integrating the emerging technology into the agency’s existing cyber policies and guidelines. […]

The Federal government has come a long way in improving civilian agency and critical infrastructure cybersecurity over the past ten years. Central to that improvement effort is the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), which has the weighty mission of managing and reducing risk to U.S. cyber and physical infrastructure. […]

The Cybersecurity and Infrastructure Security Agency’s (CISA) Cybersecurity Advisory Committee (CSAC) voted on Dec. 5 to approve two recommendations for the agency to consider on advancing memory safe system languages (MSSL), and on further strengthening operational collaboration. […]

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI cautioned today that the LockBit ransomware gang is exploiting the Citrix Bleed security flaw in exploits against critical infrastructure sectors, according to a joint cybersecurity advisory (CSA) issued with the Multi-State Information Sharing and Analysis Center and the Australian Cyber Security Center.  […]

The Biden administration’s recent artificial intelligence (AI) executive order (EO) is rapidly accelerating AI use and employee training among Federal agencies, a top Cybersecurity and Infrastructure Security Agency (CISA) official said on Nov. 15. […]

Federal government agencies will need to “greatly accelerate” their efforts to implement key zero trust security measures in order to keep up with potential cybersecurity threats resulting from the ongoing development of artificial intelligence (AI) technologies, said a Cybersecurity and Infrastructure Security Agency (CISA) official who addressed the Red Hat Government Symposium 2023 event in Washington, D.C. today. […]

With the Continuous Diagnostics and Mitigation (CDM) Program – one of the Cybersecurity and Infrastructure Security Agency’s (CISA) top security efforts for Federal agencies – hitting its 11-year anniversary, Program Manager Matt House last week discussed some of the program’s major priorities for fiscal year 2024. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has released a request for comment, looking for public comments on its latest white paper on software identification ecosystems. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has introduced Logging Made Easy (LME), a new Windows-based, free and open log management toolset designed to help organizations better use security data. […]

A top Cybersecurity and Infrastructure Security Agency (CISA) official said this week that the House Republicans’ proposed 25 percent budget cut to the cyber agency would have “catastrophic” effects on CISA’s programs – like the Continuous Diagnostics and Mitigation (CDM) Program. […]

A new report out today from the Center for Strategic and International Studies (CSIS) focuses on the Cybersecurity Infrastructure Security Agency’s (CISA) growth and mission needs, and offers a range of findings and recommendations that go beyond basic funding needs to bolster CISA’s ability to defend the nation’s cyberspace and the security of Federal Civilian Executive Branch agencies (FCEB). […]

The Cybersecurity and Information Security Agency (CISA) is making some major changes to how it manages the infrastructure behind official government websites. The next change, CISA said, is launching a new .gov registrar.  […]

The Cybersecurity and Infrastructure Security Agency (CISA) and 17 international partners rolled out the first new batch of updates to its “secure-by-design” guidance document Monday. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is asking organizations that deliver essential internet services to quickly apply updates and patches to their networks after news emerged this week detailing what are thought to be the largest-ever distributed denial-of-service (DDoS) attacks. […]

Hours before it appeared the government was set to shut down, President Biden issued an executive order Friday to extend the activities of the National Security Telecommunications Advisory Committee (NSTAC) until Sept. 30, 2025.   […]