Strengthening cloud service capabilities over the past year has been an important step for Federal agencies to both deal with pandemic-era network service demands, and bolster cybersecurity by meeting requirements of the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program while using cloud services. […]

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is looking to obtain information from industry on providing a secure work management tracking system to better secure the Federal IT enterprise. […]

In a Senate Homeland Security Committee hearing, Alejandro Mayorkas, President-elect Joe Biden’s nominee for Secretary of the Department of Homeland Security (DHS), laid out his vision for the nation’s cybersecurity and promised to make it a priority if confirmed. […]

The costs and consequences of the Russia-backed hack of government and private sector networks via a breach of SolarWinds Orion products are continuing to grow more than a month after the exploit was publicly disclosed, a senior official with the Cybersecurity and Infrastructure Security Agency (CISA) said today. […]

A broad economic recovery plan released late today by President-elect Joe Biden proposes a whopping $9 billion increase to the Technology Modernization Fund (TMF), along with a host of other funding measures to upgrade Federal government technology and improve IT security following the Russian hack of thousands government and private sector networks that came to light last month. […]

Faced with evolving technologies, increased use of hybrid cloud infrastructures, and the continuing need to provide widescale telework capabilities, all Federal agencies should be looking at migrating to zero trust security concepts, experts from two agencies said this week. […]

Kevin Cox, Continuous Diagnostics and Mitigation (CDM) program manager, said today that he could not directly address the Russian government hack of thousands of government and private sector networks that came to light in December, but emphasized the importance of network resilience to quickly recover from intrusions and breaches. […]

The Cybersecurity and Infrastructure Security Agency (CISA) late Friday issued a new alert – stemming from the Russian hack of SolarWinds Orion products – in which CISA warns it has uncovered evidence of post-hack advanced persistent threat (APT) activity in the cloud environment. […]

The Cybersecurity and Infrastructure Security Agency (CISA) released a new round of supplemental guidance on Jan. 6 to the emergency directive that the agency issued on Dec. 13, 2020, providing remediation guidance in response to the Russia-backed hack of more than 18,000 government and private sector systems via SolarWinds Orion products. […]

Federal law enforcement and intelligence agencies said today they believe that “fewer than ten” Federal agencies have been targeted by “follow-on” activity after initial breaches in the Russia-directed hacking of government networks via SolarWinds Orion products. […]

A bill introduced on Dec. 11 by Sens. Gary Peters, D-Mich., and Rob Portman, R-Ohio, would require Federal agencies to report to Congress within seven days about any cyber attacks they have faced that would cause significant harm to national security or agency operations. […]

The Cybersecurity and Infrastructure Security Administration’s (CISA) Continuous Diagnostics and Mitigation (CDM) program is due to receive a much-needed funding increase for Fiscal Year 2021, helping to address a shortfall for the program that aims to improve network security at Federal government civilian agencies. […]

The Cybersecurity and Infrastructure Security Agency (CISA) released a draft version of a Trusted Internet Connections (TIC) Use Case focusing on access for remote users and user-owned mobile devices, setting the stage for more direct network access to agency and cloud-based resources. […]

Malicious actors are targeting K-12 schools with a strong increase in ransomware attacks and other cyber threats, according to a Joint Cybersecurity Advisory released December 10 by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). […]

The Department of Defense’s (DoD) Defense Innovation Unit (DIU) and the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) component have signed a Memorandum of Understanding to collaborate on cybersecurity measures, according to a Dec. 17 announcement. […]

The Cybersecurity and Infrastructure Security Agency (CISA) released the annual report for the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force on Dec. 17 which highlights ongoing efforts of five working groups addressing challenges related to information sharing, threat analysis, qualified bidder and qualified manufacturers lists, vendor assurance, and the COVID-19 pandemic. […]

The Cybersecurity and Infrastructure Security Agency (CISA) warned today that threats to government networks caused by previously reported breaches of SolarWinds Orion products pose a “grave risk” to Federal government, state, tribal and territorial governments, critical infrastructure entities, and other private-sector organizations. […]

In a push to help students and faculty feel safer in their classrooms, the Cybersecurity and Infrastructure Security Agency (CISA) is looking to help K-12 schools make data-driven decisions on how to use current and evolving security procedures and technologies to improve school security – primarily against active assailants. […]

With the first batch of COVID-19 vaccines making their way across the country, the Cybersecurity and Infrastructure Security Agency (CISA) has issued guidelines for keeping cold storage facilities safe from cyberthreat actors. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is requiring all Federal civilian agencies to disconnect or turn off any SolarWinds Orion products by noon today, as a nation-state hack of the tools pose a significant cybersecurity threat and is linked to a hack at the Treasury and Commerce Departments. […]

Christopher Krebs, the Cybersecurity and Infrastructure Security Agency (CISA) Director fired
by President Trump earlier this month for disputing broad White House assertions of fraud in the 2020 general election, said on a Nov. 29 broadcast of “60 Minutes” that multiple recounts of votes in Georgia offer a measure of proof that the election’s outcome was not impacted by widespread fraud. […]

Few things seem to unite Republicans and Democrats these days, but President Trump’s abrupt firing of Cybersecurity and Infrastructure Security Agency (CISA) Director Christopher Krebs seems to be one of the issues bucking that trend. President Trump fired Krebs via his Twitter account on Tuesday evening, prompting a mix of outrage and disapproval from members of Congress […]

As the Federal Election Commission (FEC) dealt with oversight of a massive increase in campaign donations during a presidential election cycle, the agency at the same time struggled with its cybersecurity and the absence of a full-time CIO, the FEC’s Office of the Inspector General found in a report released November 13. […]

Election security leaders including Bob Kolasky, Director of the National Risk Management Center at the Cybersecurity and Infrastructure Security Agency (CISA), late Thursday pronounced the November 3 election as “the most secure in American history,” and said they found no evidence of voting system compromises, or changed votes. […]

Bryan Ware, assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), is leaving his post at the agency, a CISA spokesperson confirmed to MeriTalk. […]

A new report from the Cybersecurity and Infrastructure Security Agency (CISA) and the Information and Communication Technology Supply Chain Risk Management Task Force finds several factors contributing to IT supply chain problems during the coronavirus pandemic. […]

Senior officials with the Cybersecurity and Infrastructure Security Agency (CISA) said this morning that reported county-level problems with voting systems on election day are likely due to technical glitches, and not cyber attacks. […]

The Department of Homeland Security’s (DHS) Inspector General’s Office (OIG) is giving credit to the Cybersecurity and Infrastructure Security Agency’s (CISA) efforts to improve election security nationwide, but said in a new report that CISA still has a lot of work to do on that front, particularly in areas involving physical security of election infrastructure. […]

The Cybersecurity and Infrastructure Security Agency (CISA) and FBI issued a joint cybersecurity advisory on Oct. 22 to warn operators of state, local, territorial, and tribal (SLTT) government networks that they may be targeted by Russian state-sponsored advanced persistent threat (APT) actors. […]

Reps. Jim Langevin, D-R.I., and Doris Matsui, D-Calif., introduced a bill Oct. 16 to improve cybersecurity at K-12 schools. The Enhancing K-12 Cybersecurity Act would work to promote more access to security information, better track attack trends, and increase the number of cybersecurity experts in schools. […]