The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Security Agency and international cybersecurity partners, issued guidance on Thursday to help cyber defenders better defend on-premises Microsoft Exchange servers against exploitation. […]

For the first time in years, the United States is no longer making progress in bolstering its cyber defenses and is instead “stalling” and “slipping” in its ability to protect itself and allies, the successor organization to the U.S. Cyberspace Solarium Commission (CSC) revealed in a report published Wednesday.  […]

Five House Democrats are leading the latest congressional effort to demand answers from the Department of Homeland Security about the reassignment of Cybersecurity and Infrastructure Security Agency (CISA) employees to immigration enforcement roles during the government shutdown, calling the efforts “a political maneuver.”  […]

The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive on Wednesday in response to a “significant cyber threat” targeting federal networks through certain devices and software made by the technology company F5. […]

Rep. Eric Swalwell, D-Calif., wants to know whether the Cybersecurity and Infrastructure Security Agency (CISA) has reassigned or terminated some of its workforce amid the ongoing government shutdown.   […]

Senate Commerce Chairman Ted Cruz, R-Texas, is alleging in a new report that the Biden administration weaponized the Cybersecurity and Infrastructure Security Agency (CISA) by using it to police the speech of voters who supported President Donald Trump.   […]

A senior Cybersecurity and Infrastructure Security Agency (CISA) official said Wednesday that the agency is narrowing its focus to core cyber defense duties after years of mission creep, emphasizing the need to protect federal networks, safeguard critical infrastructure, and push manufacturers to develop technology that is “secure by design.”  […]

The Federal Risk and Authorization Management Program (FedRAMP) is requiring FedRAMP authorized cloud service providers (CSPs) to identify and report all Cisco Adaptive Security Appliances (ASA) platforms, following the issuance of an emergency directive by the Cybersecurity and Infrastructure Security Agency (CISA) last week. […]

The Department of Homeland Security (DHS) and its Cybersecurity and Infrastructure Security Agency (CISA) component on Monday announced the official beginning of Cybersecurity Awareness Month 2025. […]

The Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to take immediate action to patch vulnerabilities in the Cisco Adaptive Security Appliances (ASA) platform by Friday, Sept. 26, at 11:59 p.m. […]

Steve Casapulla has been tapped to serve as the assistant director for infrastructure security at the Cybersecurity and Infrastructure Security Agency (CISA), the agency announced on Tuesday.   […]

Sandy Radesky, associate director for vulnerability management at the Cybersecurity and Infrastructure Security Agency (CISA), announced her departure from the agency this week after nearly three years of service. […]

The Cybersecurity and Infrastructure Security Agency (CISA) plans to seek funding and input from international governments to support its Common Vulnerabilities and Exposures (CVE) Program, a senior official said Wednesday.  […]

A Cybersecurity Infrastructure and Security Agency (CISA) program designed to pay incentives to retain highly skilled cybersecurity professionals has spent over $138 million over the last four years – most of which hasn’t gone to the right people.  […]

As cyber threats intensify, the Cybersecurity and Infrastructure Security Agency (CISA) is pushing to modernize its defenses by overhauling compliance tools and rethinking its authority to operate (ATO) efforts, CISA Chief Information Officer (CIO) Robert (Bob) Costello said on Tuesday. […]

After narrowly avoiding a lapse in its funding earlier this year, the Common Vulnerabilities and Exposures (CVE) Program is getting an update, the Cybersecurity and Infrastructure Security Agency (CISA) announced on Wednesday.  […]

The Office of Management and Budget (OMB) and the Cybersecurity and Infrastructure Security Agency (CISA) will be bringing together all of the federal chief information security officers (CISOs) within the next month for a tabletop exercise focused on operational resilience. […]

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and 19 international partners released a joint guide on Sept. 3 that aims to inform the global cyber community on the value of implementing a software bill of materials (SBOM). […]

While artificial intelligence is becoming indispensable to proactive cyber defense strategies, federal cyber leaders warned on Sept. 4 that agencies must pair AI-driven detection with strong response planning and resilience measures to withstand inevitable cyberattacks.   […]

The Cybersecurity and Infrastructure Security Agency (CISA) has appointed Nicholas Andersen as its new executive assistant director for cybersecurity, tasking him with leading efforts to combat major cyber threats and strengthen the resilience of the nation’s critical infrastructure. […]

The Cybersecurity and Infrastructure Security Agency (CISA) on Aug. 26 rolled out a new web-based tool that the agency said can help IT industry decision makers, procurement officials, and software suppliers “strengthen cybersecurity practices throughout the software procurement lifecycle.” […]

The Cybersecurity and Infrastructure Security Agency (CISA) is sharing details on what vendors can expect from its list of product categories that support post-quantum cryptography (PQC), which a CISA official said this week that the agency is on track to deliver in December. […]

Chinese state-sponsored hackers are waging a global cyber campaign against critical infrastructure, U.S. and international authorities warned today. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has sworn in Brian Bonacci as the agency’s chief of staff. […]

The Cybersecurity and Infrastructure Security Agency (CISA) today released a draft of the first federal update to software bill of materials (SBOM) guidance since 2021, covering a new range of use cases, generation processes, and improvements to data quality.  […]

The Cybersecurity Infrastructure and Security Agency (CISA) and Sandia National Laboratories are warning that public and private sector collaborators must work to close the “software understanding” gap to better secure the nation’s systems and infrastructure.  […]

The Cybersecurity and Infrastructure Security Agency’s (CISA) new guidance, released on Aug. 13 for critical infrastructure owners and operators to improve the security of their operational technology (OT), focuses on creating and maintaining comprehensive OT asset inventories and taxonomies. […]

The Cybersecurity and Infrastructure Security Agency (CISA) today ordered Federal government agencies to take mitigation steps to deal with a Microsoft Exchange Vulnerability that the agency warned about on Wednesday night, and to finish that work by 9 a.m. Eastern time on Monday, Aug. 11. […]

The Department of Homeland Security (DHS) said on August 1 that it is offering $103.8 million of grant funding to state, local, and tribal governments to “strengthen community cybersecurity.” […]

The Cybersecurity and Infrastructure Security Agency (CISA) released an Eviction Strategies Tool on July 30 to help cyber defenders better respond to cyber incidents. […]