Successfully implementing a zero trust architecture can oftentimes be a challenge for organizations, especially when there is a lack of buy-in at the executive level. To help clear that kind of hurdle, Federal officials say the secret sauce is developing a zero trust business case. […]

The Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC) said this week it will focus on three main priority areas in 2023: systemic risk, collective cyber response, and high-risk communities, according to its 2023 Planning Agenda released on Jan 26. […]

A top official at the Cybersecurity and Infrastructure Security Agency (CISA) said that we can expect to see “much more” guidance from agency cyber gurus in the coming months on Cybersecurity Supply Chain Risk Management (C-SCRM). […]

Daniel Bardenstein, the Cybersecurity and Infrastructure Security Agency’s (CISA) Chief of Technology Strategy and Delivery, said on Jan. 18 he will be stepping down from his post at the cyber defense agency. […]

Rep. Ritchie Torres, D-N.Y., has asked the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Transportation (DOT) to conduct a joint review of the cyber vulnerabilities of all systems supporting national air travel, according to a Jan. 12 letter Rep. Torres sent to CISA Director Jen Easterly. […]

The Cybersecurity and Infrastructure Security Agency (CISA) released its 2022 Year in Review report this week, highlighting the agency’s increased collaboration with industry partners. […]

As open source tools and software are becoming a more integral part of the government’s technology base, a host of agencies are at work formulating strategies to take best advantage of that trend, according to Allan Friedman, senior advisor and strategist at the Cybersecurity and Infrastructure Security Agency (CISA) […]

The nation’s path to sustainable cybersecurity improvement lies in improving technology security by design, and achieving better communication between industry and government, said Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), during an address today at the CES 2023 technology conference in Las Vegas. […]

From ensuring the nation’s voting infrastructure was secure in preparation for election season to developing strategies and goals to support critical infrastructure owners and operators, boosting the nation’s cyber posture was among many Federal agencies’ top priorities for 2022.  […]

Cloud security provider Zscaler said this week that it has joined the Joint Cyber Defense Collaborative (JCDC), which was created last year by the Cybersecurity and Infrastructure Security Agency (CISA) to unify the efforts of cyber defenders from organizations around the world. […]

One of the Cybersecurity and Infrastructure Security Agency’s (CISA) mainstay cybersecurity protection programs got an extended lease on life, along with $91 million of funding, in the fiscal year (FY) 2023 omnibus appropriations bill released by the House and Senate Appropriations committees on Dec. 20. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is in line to receive a 12 percent funding increase under Fiscal Year 2023 appropriations legislation unveiled today – a spending hike that Capitol Hill leaders said will help the agency boost its ability to prevent cyberattacks and secure critical infrastructure. […]

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) co-chaired the second meeting of their Joint Ransomware Task Force (JRTF) on Dec. 14, with a CISA leader saying that the task force effort is yielding “unifying” effects in the fight against ransomware-driven cyber attacks. […]

A consortium of universities is leveraging Federal grants to produce research on the “nexus” of terrorism and cybersecurity, one top academic said at Splunk’s GovSummit on Dec. 14. […]

Top officials at the Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC) are “demystifying” how the Federal government maintains critical infrastructure security and resiliency by partnering and sharing information with organizations across the globe, panelists said at Splunk’s Dec. 14 Government Summit in Washington, D.C. […]

Federal agency tech leaders this week identified issues of cost and culture when it comes to the biggest challenges to implementing zero trust security architectures. […]

Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly wants the agency’s Cybersecurity Advisory Committee (CSAC) to stand up a new subcommittee focused on corporate cyber responsibility as part of a move to build a cyber “civil defense” capacity. […]

Federal agencies have until September 30, 2023, to report at least 80 percent of their IT systems through the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program, according to an OMB Federal Information Security Modernization Act (FISMA) guidance issued on Dec. 2. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has added two new Common Vulnerabilities and Exposures (CVEs) listings to its already extensive website catalog of CVEs, the agency said in a Twitter posting on Nov.28. […]

Since July 2021, the Hive ransomware group has victimized over 1,300 companies worldwide and received about $100 million in ransom payments, according to the Federal Bureau of Investigation (FBI). […]

The Cybersecurity and Infrastructure Security Agency (CISA) along with the National Security Agency (NSA) and the Office of the Director of National Intelligence (ODNI) published the final part of the three-part series on securing supply chains on Nov. 17. […]

The Cybersecurity and Infrastructure Security Agency (CISA) announced on Nov. 22 the release of a new update on the agency’s Infrastructure Resilience Planning Framework (IRPF) which helps state, local, tribal, and territorial planners protect technological infrastructure. […]

The General Services Administration (GSA) filed a request for information (RFI) on behalf of the Cybersecurity and Infrastructure Security Agency (CISA) to gather industry feedback on a potential cyber threat intelligence exchange platform. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has named Dr. Elizabeth Kolmstetter the agency’s first-ever Chief People Officer. […]

Iranian nation-state threat actors breached a Federal agency’s network before deploying malware, including a credential harvester and a cryptocurrency miner, according to a joint advisory released on Nov. 16, by the Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA). […]

The Government Accountability Office (GAO) said in a Nov. 16 report that Federal agencies need to up their ransomware assistance for state, local, Tribal, and territorial (SLTT) government organizations – including schools – by improving interagency collaboration, awareness, outreach, communication, and coordination with schools. […]

The Cybersecurity and Infrastructure Agency (CISA) has outlined critical steps for the prioritization of software vulnerability remediation by Federal agencies and the private sector. However, the success of these steps relies on software vendors providing the necessary information for this process. […]

A Cybersecurity and Infrastructure Security Agency (CISA) official told attendees at the Nov. 9 Red Hat Government Symposium that the agency’s efforts to improve security threat hunting within Federal government networks relies on speeding threat data to end users who can best use it. […]

The nation’s voting infrastructure received a clean bill of health today for its 2022 midterm election performance from the government’s top civilian cybersecurity agency, even as the outcome of numerous close election contests remained unknown late into the day after the elections. […]

As Federal agencies work through the second year of implementing the Biden administration’s cybersecurity executive order issued in May 2021, one benefit not enumerated in the order is coming into view: chief information officers (CIO) and security officials are getting a bigger seat at the table with agency leadership. […]