The Cybersecurity and Infrastructure Security Agency (CISA) said the agency is aiming to begin a rulemaking process to implement mandatory cyber incident reporting rules for critical infrastructure owners and operators included in the Fiscal Year 2022 omnibus spending bill signed into law by President Biden last month. […]
Tags
CISA
Artificial intelligence (AI) and machine learning (ML) capabilities are still coming to bear as Federal agencies continue to understand how these technologies can help drive cloud adoption and evolution. However, to be successful in this environment Federal agencies must understand their security obligations and those of a cloud computing provider to ensure accountability, along with the role that AI/ML plays in security automation, a senior Cybersecurity and Infrastructure Security Agency (CISA) official said. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is partnering with the Office of the Director of National Intelligence (ODNI) to promote a call to action for organizations to focus on protecting information and communications technology (ICT) supply chains, under the banner “Fortify the Chain.” […]
The Cybersecurity and Infrastructure Security Agency (CISA) held its second Cybersecurity Advisory Committee meeting on March 31, where committee members provided updates on their subcommittee work that will help inform key deliverables for the committee’s next meeting in June. […]
While the zero trust security model has been widely recognized as an effective approach to preventing and mitigating data breaches, an official with the Cybersecurity and Infrastructure Security Agency (CISA) said this week there are several misconceptions Federal agencies have which make them skeptical about adopting the framework. […]
On December 13, 2020, the Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive that called for agencies to disconnect or turn off any SolarWinds Orion products by noon the following day, due to an exploit of Orion network monitoring software that posed a “grave risk” to agencies, critical infrastructure providers, and other private-sector organizations. […]
The White House released President Biden’s fiscal year (FY) 2023 budget request today, with a top-line number of $5.8 trillion and featuring proposals to spend $10.9 billion for civilian cybersecurity measures – marking an 11 percent increase in civilian agency cyber spending from reported FY2022 levels. […]
Federal cybersecurity agencies along with the Department of Energy (DOE) have published a new cyber advisory that talks about several Russian hacks on the energy sector between 2011 and 2018 that are the subject of a Department of Justice (DOJ) indictment unsealed this week against Russian actors for those past attacks. […]
Top officials from the Cybersecurity and Infrastructure Security Agency (CISA) said they briefed more than 13,000 industry stakeholders on March 22 about the Federal government’s latest warning about possible Russian cyberattacks that may be directed against U.S. critical infrastructure sectors. […]
Federal agencies are showing urgency and pushing hard to meet challenging zero trust security implementation deadlines following rollout of the Office of Management and Budget’s (OMB) zero trust strategy in January, government and industry experts agreed during a March 15 webinar hosted by MeriTalk and Merlin Cyber. […]
The late-day warning on Monday from President Biden and White House national security officials that the Russian government is exploring options for potential cyberattacks against U.S. critical infrastructure targets appeared to turn many heads in the Federal cybersecurity community that is by now long-used to receiving and generating cybersecurity advisories. […]
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued an alert on March 17 warning of possible threats to U.S. and international satellite communication (SATCOM) networks. […]
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly has set what she called an “ambitious goal” to fill talent gaps in the cybersecurity industry by targeting a 50 percent share of that workforce for women by 2030. […]
President Biden signed the fiscal year (FY) 2022 omnibus appropriations bill today that will keep the Federal government funded through Sept. 30. […]
After a few failed attempts, cyber incident reporting legislation made it over the finish line as part of the fiscal year (FY) 2022 appropriations bill – a victory hailed by Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly and lawmakers as a necessary step for more visibility to protect critical infrastructure. […]
The House of Representatives late on March 9 passed the long-awaited full-year appropriations bill for fiscal year (FY) 2022 ending Sept. 30, along with a four-day continuing resolution (CR) to give the Senate a few more days to shepherd the full-year omnibus spending bill to passage. […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) National Risk Management Center (NRMC) is preparing for a change in leadership, as founding member Bob Kolasky prepares to leave CISA for the private sector. […]
House and Senate Appropriations Committees today unveiled a full-year omnibus spending bill covering Federal government operations for the rest of fiscal year (FY) 2022 that ends on Sept. 30. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has released a draft version of its Applying Zero Trust Principles to Enterprise Mobility for public comment. […]
As the Cybersecurity and Infrastructure Security Agency (CISA) is shifting its focus from protecting sets of critical assets to improving the resilience of critical functions, the Government Accountability Office (GAO) said the agency should improve its priority setting, stakeholder involvement, and threat information sharing in connection with that effort. […]
The Cybersecurity and Infrastructure Security Agency (CISA) and FBI are warning United States-based organizations of two destructive malware programs used by Russia against Ukrainian organizations in the leadup to Russia’s invasion of Ukraine, and the threat vectors seen in those attacks. […]
The National Security Telecommunications Advisory Committee (NSTAC) – a group of private sector experts that advises the White House on telecommunications issues that affect national security and emergency preparedness – is advising the Cybersecurity and Infrastructure Security Agency (CISA) to establish a dedicated Zero Trust Program Office. […]
With tensions mounting between Russia and Ukraine, the Cybersecurity and Infrastructure Security Agency (CISA) is warning critical infrastructure (CI) owners and operators – as well as any other United States-based organizations – to keep their guard up. To help organizations do that, the cybersecurity agency released insights for the CI sector, as well as a new webpage Feb. 18 to help organizations better steel themselves against a potential Russian cyber threat. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has launched a new webpage featuring a catalog of free cybersecurity tools and resources that the agency hopes will serve as a “one-stop resource where organizations of all sizes can find free public and private sector resources to reduce their cybersecurity risk.” […]
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly made a strong pitch on Feb. 17 for the agency’s push to create an underlying culture of organizational success that she said is critical to creating optimal performance at the nation’s cyber defense agency. […]
A new cybersecurity advisory from the Federal government’s top cybersecurity watchdogs says that Russian state-sponsored hackers have compromised numerous defense industrial base (DIB) contractors both large and small over the past two years, and warns about the extensive bag of tricks that those hackers use when they target defense contractors. […]
Artificial intelligence-driven innovation requires top talent to drive agencies’ missions forward, and Federal officials this week shared how their agencies are building and recruiting their AI workforces. […]
After reviewing the cyberattack trends from 2021, the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint advisory with the FBI and other international security partners warning of the rising global threat of ransomware and gave mitigation and remediation advice. […]
In the wake of the discovery and remediation efforts surrounding the Log4shell vulnerability in the Apache library that contains Log4j, the Cybersecurity and Infrastructure Security Agency (CISA) called for efforts to push forward a software bill of materials (SBOM). Those calls were reiterated today at a Senate hearing on the vulnerability by industry witnesses involved in remediation efforts. […]
In their efforts to help shrink the cyber workforce shortage, officials from the Office of the National Cyber Director (OCND) and the Cybersecurity and Infrastructure Security Agency (CISA) are emphasizing the need for collaboration and creation of a more robust culture of cybersecurity – starting with K-12 education on up. […]