The National Security Agency (NSA), the Office of the Director of National Intelligence (ODNI), and the Cybersecurity and Infrastructure Security Agency (CISA) have released a new report providing guidance on industry best practices on open source software and software bills of materials (SBOM). […]
As cyber threats continue to evolve in complexity, collaboration is more crucial than ever and serves as the “fuel” of cyber operations, according to David Carroll, associate director for mission engineering at the Cybersecurity and Infrastructure Security Agency (CISA). […]
Lawmakers and industry leaders on Tuesday highlighted ways the Cybersecurity and Infrastructure Security Agency (CISA) should seek to secure artificial intelligence (AI) technologies, starting with integrating the emerging technology into the agency’s existing cyber policies and guidelines. […]
The Federal government has come a long way in improving civilian agency and critical infrastructure cybersecurity over the past ten years. Central to that improvement effort is the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), which has the weighty mission of managing and reducing risk to U.S. cyber and physical infrastructure. […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) Cybersecurity Advisory Committee (CSAC) voted on Dec. 5 to approve two recommendations for the agency to consider on advancing memory safe system languages (MSSL), and on further strengthening operational collaboration. […]
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI cautioned today that the LockBit ransomware gang is exploiting the Citrix Bleed security flaw in exploits against critical infrastructure sectors, according to a joint cybersecurity advisory (CSA) issued with the Multi-State Information Sharing and Analysis Center and the Australian Cyber Security Center. […]
The Biden administration’s recent artificial intelligence (AI) executive order (EO) is rapidly accelerating AI use and employee training among Federal agencies, a top Cybersecurity and Infrastructure Security Agency (CISA) official said on Nov. 15. […]
Federal government agencies will need to “greatly accelerate” their efforts to implement key zero trust security measures in order to keep up with potential cybersecurity threats resulting from the ongoing development of artificial intelligence (AI) technologies, said a Cybersecurity and Infrastructure Security Agency (CISA) official who addressed the Red Hat Government Symposium 2023 event in Washington, D.C. today. […]
With the Continuous Diagnostics and Mitigation (CDM) Program – one of the Cybersecurity and Infrastructure Security Agency’s (CISA) top security efforts for Federal agencies – hitting its 11-year anniversary, Program Manager Matt House last week discussed some of the program’s major priorities for fiscal year 2024. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has released a request for comment, looking for public comments on its latest white paper on software identification ecosystems. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has introduced Logging Made Easy (LME), a new Windows-based, free and open log management toolset designed to help organizations better use security data. […]
A top Cybersecurity and Infrastructure Security Agency (CISA) official said this week that the House Republicans’ proposed 25 percent budget cut to the cyber agency would have “catastrophic” effects on CISA’s programs – like the Continuous Diagnostics and Mitigation (CDM) Program. […]
A new report out today from the Center for Strategic and International Studies (CSIS) focuses on the Cybersecurity Infrastructure Security Agency’s (CISA) growth and mission needs, and offers a range of findings and recommendations that go beyond basic funding needs to bolster CISA’s ability to defend the nation’s cyberspace and the security of Federal Civilian Executive Branch agencies (FCEB). […]
The Cybersecurity and Information Security Agency (CISA) is making some major changes to how it manages the infrastructure behind official government websites. The next change, CISA said, is launching a new .gov registrar. […]
The Cybersecurity and Infrastructure Security Agency (CISA) and 17 international partners rolled out the first new batch of updates to its “secure-by-design” guidance document Monday. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is asking organizations that deliver essential internet services to quickly apply updates and patches to their networks after news emerged this week detailing what are thought to be the largest-ever distributed denial-of-service (DDoS) attacks. […]
Hours before it appeared the government was set to shut down, President Biden issued an executive order Friday to extend the activities of the National Security Telecommunications Advisory Committee (NSTAC) until Sept. 30, 2025. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is kicking off its public service announcement (PSA) “Secure Our World” campaign that is focused on increasing cybersecurity awareness across government and private entities. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has released new actionable guidance that focuses on mitigating volumetric distributed denial-of-service (DDoS) attacks against government websites. […]
The Cybersecurity and Infrastructure Agency (CISA) has announced on Sept 5 a “voluntary pledge” for K-12 education technology software developers and manufacturers to commit to creating products with a greater emphasis on cybersecurity built in. […]
Rep. Andrew Garbarino, R-N.Y., is asking the Cybersecurity and Infrastructure Security Agency (CISA) to provide some clarity on its partnerships in the critical infrastructure sectors. […]
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly called on Congress today to reauthorize the Chemical Facility Anti-Terrorism Standards (CFATS) program – which the cybersecurity chief said has resulted in improving the security posture of high-risk facilities by 60 percent. […]
The Cybersecurity and Infrastructure Security Agency (CISA) reported that its Vulnerability Disclosure Policy (VDP) platform has helped agencies uncover and address more than 1,000 bugs through December 2022. […]
It has officially been two years this week since Robert Costello joined the Cybersecurity and Infrastructure Security Agency (CISA) as its chief information officer (CIO) and pledged to make workplace culture one of his top priorities. […]
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly announced this week that the agency’s workforce has expanded to 3,160 employees, after the agency made more than 1,300 new hire over the past two years. […]
As part of its broad efforts to foster a secure-by-design and -default technology ecosystem, the Cybersecurity and Infrastructure Security Agency (CISA) called on AI software makers last week to build security into systems from the outset. […]
The Cybersecurity and Infrastructure Security Agency (CISA) released the latest version of its Risk and Vulnerability Assessments (RVA) report, which found that threat actors had the most attack success through “common methods” such as phishing techniques in fiscal year (FY) 2022. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is planning to hold a virtual industry day event on August 15 to discuss its Joint Collaborative Environment (JCE) – a recently established effort that aims to enhance CISA’s industry partnerships and enrich cyber threat data. […]
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released new guidance on July 17 that provides recommendations to protect against threats to 5G standalone network slicing. […]
The Cybersecurity and Infrastructure Security Agency (CISA) said the agency is surpassing its own target for the rate at which Federal agencies are using automated Continuous Diagnostics and Mitigation (CDM) program reporting. […]