The Cybersecurity and Infrastructure Security Agency (CISA) on Oct. 20 released new security configuration baseline recommendations for Microsoft 365 cloud services. […]

The Cybersecurity and Infrastructure Security Agency (CISA) plans to host a public listening session in Washington, D.C. on Oct. 19 to get input on forthcoming proposed regulations to implement the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). […]

The Cybersecurity and Infrastructure Security Agency (CISA) has selected Mona Harrington to be the assistant director for the agency’s National Risk Management Center (NRMC), a position she has been serving on a temporary basis since March. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has opened their annual, voluntary cybersecurity assessment for state, local, tribal, and territorial (SLTT) entities across the nation and aims to provide a broad picture of the current cybersecurity gaps and capabilities. […]

The Senate Homeland Security and Governmental Affairs Committee on Sept. 28 voted to approve legislation that would authorize the Cybersecurity and Infrastructure Security Agency (CISA) to undertake and fund a new initiative to provide industrial control systems (ICS) security training. […]

The Federal government’s Joint Ransomware Task Force (JRTF) kicked off its inaugural meeting with a discussion of new initiatives to collaborate with state, local, tribal, and territorial entities to protect against ransomware intrusions and disrupt malicious actors, according to a September 14 press release from the Cybersecurity and Infrastructure Security Agency (CISA). […]

The Cybersecurity and Infrastructure Security Agency (CISA), along with its partners, released a Cybersecurity Advisory (CSA) on Sept. 14 to warn agencies about continued malicious cyber activity from actors affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC). […]

The Cybersecurity and Infrastructure Security Agency (CISA) has issued its strategic plan for 2023 to 2025, setting forth four main goals of cyber defense, risk reduction and resilience, operational collaboration, and agency unification. […]

Kiersten E. Todt, chief of staff (COS) at the Cybersecurity and Infrastructure Security Agency (CISA), detailed some of the ways the agency is recruiting people and what they are looking for in possible candidates and ways they can expand in the future. […]

The Billington CyberSecurity Summit closed out day two with a discussion with the Cybersecurity and Infrastructure Security Agency’s (CISA) Senior Election Security Advisor, Kim Wyman, on the necessity of voting infrastructure protection in the upcoming national elections. […]

Collaborating with private entities is a sure way to improve the security of open source software, said Allan Friedman, the senior advisor and strategist for the Cybersecurity and Infrastructure Strategy Agency (CISA), during day two of the Billington CyberSecurity Summit. […]

The Executive Assistant Director for Cybersecurity for the Cybersecurity and Infrastructure Security Agency (CISA), Eric Goldstein, preached the importance of offensive and defensive cybersecurity teams working together to mitigate attacks in America from adversaries. […]

Chief Technology Officer (CTO) of the Cybersecurity & Infrastructure Security Agency (CISA), Brian Gattoni, discussed the future of applying artificial intelligence (AI) to Federal cybersecurity operations during the Billington Cybersecurity Summit on September 7. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has released a new guideline aimed at preparing critical infrastructure operators in the United States for the cybersecurity dangers of post-quantum cryptography. […]

Implementing zero trust security architectures remains a team-based exercise in which technology and security leaders need to lean on each other for knowledge and advice – even those who help run IT operations at tech-savvy agencies like the Cybersecurity and Infrastructure Security Agency (CISA). […]

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) on August 11 issued a Cybersecurity Advisory (CSA) on the Zeppelin ransomware threat as part of CISA’s #StopRansomware initiative. […]

The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) issued a cybersecurity advisory on August 18 that warns about Common Vulnerabilities and Exposures (CVEs) that they say are “currently being exploited” against the Zimbra Collaboration Suite (ZCS). […]

The Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) on the top malware strains of 2021. […]

The Federal government – galvanized by the Biden Administration’s Cybersecurity Executive Order – has spent a lot of time and money on cybersecurity solutions, but as the digital landscape continues to evolve so does the risk. […]

Witnesses at a House Homeland Security Committee hearing on July 20 provided lawmakers with feedback about how local election officials are viewing security information being supplied to them by the Federal government, along with the need to train local officials on ways to defeat misinformation. […]

The Cybersecurity and Infrastructure Security Agency’s (CISA) “Shields Up” cybersecurity campaign launched in February to warn critical infrastructure operators and other U.S.-based organizations of cybersecurity threats spilling over from Russia’s invasion of Ukraine is proving its worth over the first four months of operation. […]

The Cyber Safety Review Board (CSRB) – in its inaugural report released today – praised the Cybersecurity and Infrastructure Security Agency (CISA) for its response to the ongoing Log4j software vulnerability, and found that to date there have not been any significant Log4J-based attacks on U.S. critical infrastructure. […]

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and Department of the Treasury (DoT) released an advisory on July 6 that attributes ransomware attacks launched against healthcare and public health (HPH) organizations to North Korean state-sponsored organizations. […]

The Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program offers a wide range of security benefits for Federal agencies. Still, a CISA official wants to help agencies unlock the program’s full potential. […]

Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly is considering a big basket of recommendations delivered this week by the agency’s Cybersecurity Advisory Committee, including suggestions that the agency boost its workforce development and acquisition efforts and establish a new chief people officer position. […]

The Government Accountability Office (GAO) is pressing the departments of Treasury and Homeland Security (DHS) to assess whether a further Federal response is needed to address the government’s existing terrorism risk insurance program, which may not cover losses from cyber and other attacks on U.S. critical infrastructure. […]

The Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program is winning rave reviews from cybersecurity practitioners who are working to improve Federal civilian agency security. CDM has the potential to become even more crucial to the cyber fight once its latest generation of technologies are fully leveraged. […]

Building a zero-trust security architecture foundation that underlies better cybersecurity capabilities is at the top of the list for Robert Costello, Chief Information Officer at the Cybersecurity and Infrastructure Security Agency (CISA). […]

The Cybersecurity and Infrastructure Security Agency (CISA) has announced it is now accepting nominations for its first cohort of Cyber Innovation Fellows, with an applications due date of July 8. […]