The Cybersecurity and Infrastructure Security Agency (CISA) has announced three initial key actions to help secure the open source ecosystem upon the conclusion of its two-day Open Source Software (OSS) Security Summit this week. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is undergoing a large-scale modernization process with plans to migrate the majority of its legacy IT systems to a brand-new “greenfield solution” later this year, according to CISA Chief Information Officer (CIO) Robert (Bob) Costello. […]

A senior official with the Cybersecurity and Infrastructure Security Agency (CISA) said today that the agency had not seen as of late morning any credible cybersecurity-related threats to “Super Tuesday” election operations around the country. […]

The Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI and international partners, released a cybersecurity advisory (CSA) today to warn about the ongoing exploitation of multiple vulnerabilities within the Ivanti Connect Secure and Ivanti Policy Secure gateways. […]

Government agencies and private sector firms need to boost their cybersecurity capabilities to keep pace with increasing threats and should turn to AI and quantum computing for help in pursuing that goal, Federal cybersecurity experts said today at the Visualyze Zero Trust Security Summit hosted by MeriTalk and Gigamon in Washington, D.C […]

The Cybersecurity and Infrastructure Security Agency (CISA) – along with the UK National Cyber Security Centre (NCSC) and other international partners – has released a joint advisory warning of tactics and techniques used by alleged Russian Foreign Intelligence Service (SVR) hackers to infiltrate cloud systems. […]

The Cybersecurity and Infrastructure Security Agency (CISA), Environmental Protection Agency (EPA), and FBI published a joint fact sheet on Feb. 21 outlining the top cybersecurity actions water and wastewater systems sector (WWS) entities can take to improve their cyber resiliency. […]

Microsoft announced today that it is officially launching its expanded cloud logging capabilities to all Federal agencies this month after working closely with the Cybersecurity and Infrastructure Security Agency (CISA), Office of Management and Budget (OMB), and Office of the National Cyber Director (ONCD) to finalize this effort. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has given its Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force another two-year term to continue its work on creating solutions for managing global ICT supply chain risk. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is moving to consolidate disparate zero trust security policy functions into a new single office at the agency. […]

The U.S. government’s Zero Trust progress is paying off as organizations across the public and private sectors address Ivanti security breach risks.  […]

The Cybersecurity and Infrastructure Security Agency (CISA) issued 2024 Priorities today for its Joint Cyber Defense Collaborative (JCDC) – aligning its priorities for the first time under three focus areas to help establish resources required and strategic direction. […]

Top IT experts at the Departments of Treasury and Veterans Affairs (VA) said that the Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC) program holds a lot of promise, but is “still in its infancy” with program kinks to be worked out. […]

Federal agencies have until the end of the day to shut down two widely used software products due to major cybersecurity vulnerabilities. […]

As polls across the United States begin to open for the 2024 election cycle, the Cybersecurity and Infrastructure Security Agency (CISA) is warning election officials of the role generative AI could play in threatening election infrastructure. […]

Federal agency officials are looking for more collaboration across agencies to combat cybersecurity threats fueled by relentless adversaries who are employing the latest technologies in their attacks. […]

As the 2024 presidential election draws near, Senate Intelligence Committee Chairman Mark Warner, D-Va., is looking to the Cybersecurity and Infrastructure Security Agency (CISA) to share critical information to help combat foreign election threats. […]

In joint guidance released on Jan. 17, the Cybersecurity and Infrastructure Security Agency (CISA) – alongside the FBI – is warning critical infrastructure and state, local, tribal, and territorial partners of  cybersecurity threats posed by Chinese-manufactured unmanned aircraft systems (UAS), more commonly known as drones. […]

The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive today requiring agencies to mitigate “widespread and active exploitation” of vulnerabilities in Ivanti Connect Secure VPN and Policy Secure network access control appliances. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has released nine new Industrial Control Systems (ICS) advisories that the agency says will “provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.” […]

The Cybersecurity and Infrastructure Security Agency (CISA) is looking to test the technical capabilities of teams and individuals in its fifth annual 2024 President’s Cup Cyber Competition, where teams will be pitted against each other in a competition to recognize and reward some of the very best in the cybersecurity world.’ […]

The Department of Homeland Security (DHS) is looking for information that will support the agency’s Advanced Analytics Platform For Machine Learning (CAP-M) Project – a program under development at the Cybersecurity Infrastructure Security Agency (CISA) – to support new software and tools in a multi-tenant cloud environment. […]

The Government Accountability Office (GAO) is urging the U.S. Food and Drug Administration (FDA) and the Cybersecurity and Infrastructure Security Agency (CISA) to update their five-year-old arrangement to cooperate on improving medical device cybersecurity. […]

The Cybersecurity and Infrastructure Security Agency (CISA) on Dec. 15 released the results of a January 2023 Risk and Vulnerability Assessment (RVA) performed on an unidentified organization in the Healthcare and Public Health (HPH) sector that found exploitable misconfigurations and the use of weak passwords, among other cybersecurity weaknesses. […]

The Cybersecurity and Infrastructure Security Agency (CISA) issued a formal request for information (RFI) in the Federal Register today looking for feedback on its secure-by-design software practices. […]

The Cybersecurity and Infrastructure Security Agency (CISA) said that it will begin a two-year strategic effort to modernize its approach to enterprise cyber threat information sharing in 2024 “to maximize value to our partners and keep pace with a changing threat environment.”  […]

The Cybersecurity and Infrastructure Security Agency (CISA) is pushing equipment and software manufacturers to eliminate the use of default passwords in their products. […]

The National Security Agency (NSA), the Office of the Director of National Intelligence (ODNI), and the Cybersecurity and Infrastructure Security Agency (CISA) have released a new report providing guidance on industry best practices on open source software and software bills of materials (SBOM). […]

As cyber threats continue to evolve in complexity, collaboration is more crucial than ever and serves as the “fuel” of cyber operations, according to David Carroll, associate director for mission engineering at the Cybersecurity and Infrastructure Security Agency (CISA). […]

While technology advancements are reshaping the way IT teams work together and driving organizational change across the Federal government, a top tech leader at the Office of Personnel Management (OPM) said Tuesday that a major piece of modernization for better citizen experiences is rooted in training the agency workforce in tech adoption. […]