Lawmakers and industry leaders on Tuesday highlighted ways the Cybersecurity and Infrastructure Security Agency (CISA) should seek to secure artificial intelligence (AI) technologies, starting with integrating the emerging technology into the agency’s existing cyber policies and guidelines. […]

The Cybersecurity and Infrastructure Security Agency (CISA), as part of its Secure Cloud Business Applications (SCuBA) program, released a series of nine security configuration baselines for Google Workspace today, including applications like Gmail, Google Drive, and Google Meet.  […]

The Federal government has come a long way in improving civilian agency and critical infrastructure cybersecurity over the past ten years. Central to that improvement effort is the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), which has the weighty mission of managing and reducing risk to U.S. cyber and physical infrastructure. […]

The Cybersecurity and Infrastructure Security Agency’s (CISA) Cybersecurity Advisory Committee (CSAC) voted on Dec. 5 to approve two recommendations for the agency to consider on advancing memory safe system languages (MSSL), and on further strengthening operational collaboration. […]

The Cybersecurity and Infrastructure Security Agency (CISA) – along with the National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD) – have released a new cybersecurity advisory warning of continued Iranian-backed cybersecurity attacks aimed towards American and Israeli water and wastewater systems (WWS). […]

The Federal Cybersecurity Workforce Expansion Act has been reintroduced in the House as part of a bipartisan, bicameral effort to strengthen the nation’s cyber defenses and cybersecurity workforce by creating two new training programs within the Federal government. […]

The Cybersecurity and Infrastructure Security Agency (CISA) – in partnership with the United Kingdom’s National Cyber Security Centre (NCSC) – has released guidelines to help AI developers make informed cybersecurity decisions.  […]

The Cybersecurity and Infrastructure Security Agency (CISA) has announced it will relaunch its Cybersecurity Insurance and Data Analysis Working Group (CIDAWG) to help combat ransomware, evaluate the effectiveness of security controls, and drive down cyber risk. […]

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI cautioned today that the LockBit ransomware gang is exploiting the Citrix Bleed security flaw in exploits against critical infrastructure sectors, according to a joint cybersecurity advisory (CSA) issued with the Multi-State Information Sharing and Analysis Center and the Australian Cyber Security Center.  […]

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the launch of its new Cybersecurity Shared Services Pilot Program, which is designed to deliver cutting-edge cybersecurity shared services on a voluntary basis to critical infrastructure entities such as the healthcare, water, and K-12 education sectors. […]

The Biden administration’s recent artificial intelligence (AI) executive order (EO) is rapidly accelerating AI use and employee training among Federal agencies, a top Cybersecurity and Infrastructure Security Agency (CISA) official said on Nov. 15. […]

Federal government agencies will need to “greatly accelerate” their efforts to implement key zero trust security measures in order to keep up with potential cybersecurity threats resulting from the ongoing development of artificial intelligence (AI) technologies, said a Cybersecurity and Infrastructure Security Agency (CISA) official who addressed the Red Hat Government Symposium 2023 event in Washington, D.C. today. […]

The Cybersecurity and Infrastructure Security Agency (CISA) said today it is aiming to responsibly use artificial intelligence (AI) technologies in its missions to protect Federal civilian agencies and critical infrastructure sectors, while also assisting government and private sector organizations in making sure that the AI-enabled software they use is secure by design. […]

The Cybersecurity and Infrastructure Security Agency (CISA) – which in recent years has taken an outsized role in helping to ensure the security of elections run by state and local authorities throughout the country – said today that it had seen no credible threats to election infrastructure and processes as many states held off-year elections for state legislative and other offices. […]

With the Continuous Diagnostics and Mitigation (CDM) Program – one of the Cybersecurity and Infrastructure Security Agency’s (CISA) top security efforts for Federal agencies – hitting its 11-year anniversary, Program Manager Matt House last week discussed some of the program’s major priorities for fiscal year 2024. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has released a request for comment, looking for public comments on its latest white paper on software identification ecosystems. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has introduced Logging Made Easy (LME), a new Windows-based, free and open log management toolset designed to help organizations better use security data. […]

A top Cybersecurity and Infrastructure Security Agency (CISA) official said this week that the House Republicans’ proposed 25 percent budget cut to the cyber agency would have “catastrophic” effects on CISA’s programs – like the Continuous Diagnostics and Mitigation (CDM) Program. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is leading an effort to update the National Cyber Incident Response Plan (NCIRP) by the end of 2024, as directed in the Biden administration’s National Cybersecurity Strategy released earlier this year. CISA, in close coordination with the Office of the National Cyber Director (ONCD), is embarking on a […]

A new report out today from the Center for Strategic and International Studies (CSIS) focuses on the Cybersecurity Infrastructure Security Agency’s (CISA) growth and mission needs, and offers a range of findings and recommendations that go beyond basic funding needs to bolster CISA’s ability to defend the nation’s cyberspace and the security of Federal Civilian Executive Branch agencies (FCEB). […]

Federal agencies are increasingly adopting edge computing, citing its transformative power to enable field agents and military personnel to make faster decisions and respond to crisis situations, experts said. […]

The Cybersecurity and Information Security Agency (CISA) is making some major changes to how it manages the infrastructure behind official government websites. The next change, CISA said, is launching a new .gov registrar.  […]

The Cybersecurity and Infrastructure Security Agency (CISA) and 17 international partners rolled out the first new batch of updates to its “secure-by-design” guidance document Monday. […]

The Executive Director of the Cybersecurity and Infrastructure Security Agency (CISA) said today that the threat posed by China within the cyber realm is evolving and much more serious today than it was a decade ago ­– particularly when it comes to potentially targeting the United States’ critical infrastructure. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is asking organizations that deliver essential internet services to quickly apply updates and patches to their networks after news emerged this week detailing what are thought to be the largest-ever distributed denial-of-service (DDoS) attacks. […]

The Cybersecurity and Infrastructure Security Agency (CISA) published new guidance today to improve security and risk management of open source software (OSS) use at operational technology (OT) vendors and critical infrastructure facilities. […]

A newly released advisory from the Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Security Agency (NSA), highlights the most common cybersecurity misconfigurations in large organizations.  […]

New guidance from the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) highlighted significant ongoing challenges Federal agencies and industry face in implementing security controls like multifactor authentication (MFA) to manage identity security. […]

Hours before it appeared the government was set to shut down, President Biden issued an executive order Friday to extend the activities of the National Security Telecommunications Advisory Committee (NSTAC) until Sept. 30, 2025.   […]

A new report from the Government Accountability Office (GAO) finds that Federal agencies and critical infrastructure owners must do a better job at sharing information to tackle increasingly complex cyber threats. […]